* Posts by Chronos

1257 publicly visible posts • joined 21 Oct 2007

Firefox 3.7 swivels glassy eye

Chronos
Badgers

@Steve Mason

Exactly. Some of us, a group of people which seems to include you and I, would prefer a release that doesn't immediately attract a Milw0rm post over just added eye candy and a version bump.

It's getting hard to know who to trust in the browser game these days. Perhaps the mantra should be "trust nobody."

Adobe peels off Flash layers for open source

Chronos
Thumb Up

Hmm...

"software components that plug into Flash players, in areas such as ads, user measurement, tracking" <snip>

Thanks for the confirmation, Adobe. Now I *know* I was right to link my ~/.macromedia and ~/.adobe to /dev/null. I shall create a simple little script tomorrow to do the self-same thing in every user /home directory and Samba profile on the network, cron it in case I miss any new users in the future and, since DOM storage is disabled network-wide, you can then stuff your and anyone else's supercookies where the sun don't shine.

You guys have a really nice day now, hear?

Oz cops turn to wardriving to fight Wi-Fi 'jackers

Chronos
WTF?

No clue

WEP'd? WEP is about as secure as a car with the keys in the ignition. One would think that if they're going to be dictating to people about security, they'd at least do enough research to make that "advice" useful.

Chronos
Happy

Meh!

Forgot the tagline:

Jesus WEP'd!

Fancy dropping into Pitetsbkrrh?

Chronos
Thumb Up

QLF

The traditional response to this sort of brass-pounding. It was never an official Q code, but it has been accepted as meaning "please try sending with your LEFT foot on the next over."

--... ...-- -.. . -.-. .... .-. --- -. --- ... ...-.-

Google uncloaks Chrome OS hardware pals

Chronos
Badgers

Do Google realise...

...that "Chrome" in the IT world generally means "shiny, unnecessary eyecandy used to disguise the fact that the underlying code is poorly thought out, spyware-ridden crap"?

Time will tell, I suppose.

Robot land-steamers to consume all life on Earth as fuel

Chronos
Pint

I like it.

At least there's now a fitting response to those who keep whining on about carbon dioxide and "the environment" as they line their own pockets. See? They can be useful - as fuel.

BT abandons Phorm

Chronos
Thumb Up

Two becomes one...

Looks like the Craphone Whorehouse, AKA TalkTalk, have lost interest too. I imagine the conversation went something like "Holy crap, we could get prosecuted without the 'BT do it as well' defence!"

http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article6652692.ece

Of the major providers, this leaves Virgin Media standing on their own looking like a complete and total tunch of bossers.

Chronos
Pint

@Tim Brown 1

Precisely why this battle seems to have been won but the war still rages on. Complacency is the enemy right now. Tim Greening-Jackson is right (although how one would persuade an ISP to install and maintain L7 DPI kit without a profit-sharing scheme is beyond me at this juncture) with his warning that Google especially are the ones to watch. NebuAd may be dead as an entity (the London spin-off, InsightReady has sworn off DPI, but we should keep an eye on it anyway) but AudienceScience, Kindsight, Adzilla et al still seem to be alive and kicking, with many other marketing houses watching with interest. Match point will be a clear statement on EU or UK privacy and communications integrity law, and that still seems a long way off.

The war may not be over but we can be forgiven for fist-pounds, air-punches, high fives and a little smugness right now; this is the first clear victory in the 2+ years we have been fighting this. Alex Hanff, Richard Clayton, Chris Williams and El Reg especially deserve credit for this milestone for their tireless efforts to educate people about this threat to our online rights.

Chronos
Pint

YES!

We'll raise a glass later to the inevitable corpse of Phorm. This is not the result I really wanted; I wanted Phorm's DPI technology to be ruled illegal, unethical and BT *forced* to drop it, but this will do as an interim solution.

One down, two (VM and StalkStalk) yet to announce it has been a waste of time.

Samsung Story Station 1TB external HDD

Chronos

@Sam

Far too organised. If I made finding a cable less of a challenge, every Tom, Dick and J Random Luser would be making off with all my "kettle leads." That's my excuse.

To be fair, mine is a suspended pile; there's so many of the things, anything other than "pile" or "heap" (but never "stack" as that sounds like you could just push a cable on or pop a cable off with a simple operation when, in reality, a big job breaks out) is doing the resultant mutant squid an injustice. It contains anything from old 100R twinax cables (that, thank Eris, I will never have to make up again) to eSATA multiports. Speaking of which, I really ought to check that rope that suspends them all...

*THUD* <muffled swearing/>

OK, *now* it's a pile ;o)

Chronos

@Sam

The many tentacled cable tree. It's a feature of many a geek room. Of course, you can never find the one you want, can you? Ever tried looking for a null modem cable or an APC dumb cable that doesn't kill the UPS as soon as DTR goes high making the whole thing as pointless as a muslin condom? You know you had one on that pile but, even though it was like dog turds underfoot and you wished the sodding thing would piss off last week, finding it now is an exercise in futility ;o)

Whilst on the subject, why is it that when I need an IEC lead with a BS1363 on the end of it all I can find is IEC M->F, yet when I want a M->F...

Tiny-traffic DoS attack spotlights Apache flaw

Chronos

mod_cband

mod_cband would seem to mitigate this problem for now, using CbandRemoteSpeed to limit simultaneous connections to a reasonable level. Be careful with the setting, especially on web2.0rrhoea sites and do note that mod_cband's restrictions need to be applied to vhosts, not globally.

Also, the Slowloris code seems to hint at a global Timeout setting <166 seconds being problematic:

if ( $delay < 166 ) {

print <<EOSUCKS2BU;

Since the timeout ended up being so small ($delay seconds) and it generally takes between 200-500 threads for most servers and assuming any latency at all... you might have trouble using Slowloris against this target. You can tweak the -tcpto flag down to 1 second but it still may not build the sockets in time.

EOSUCKS2BU

}

I generally have mine set to 45 and broken modems and slowpokes be damned. The default is assumed to be 300 seconds or five minutes but we wouldn't go shoving an httpd up with the defaults, would we?
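An added example, not part of the post above or of any project it mentions: a small Python check that reads an httpd.conf-style text and reports the points the post raises, namely the global Timeout against the 166-second figure in the quoted message and whether CbandRemoteSpeed sits inside each vhost rather than at global scope. The sample configuration and the CbandRemoteSpeed argument values are constructed, and the parser is a simplification that does not follow Include files.

```python
DEFAULT_TIMEOUT = 300  # seconds; the default the post cites
SLOW_THRESHOLD = 166   # seconds; figure from the message quoted in the post

# Constructed sample; the CbandRemoteSpeed argument values are placeholders.
SAMPLE_CONF = """\
Timeout 45
<VirtualHost *:80>
    ServerName www.example.org
    CbandRemoteSpeed 512kb/s 10 5
</VirtualHost>
<VirtualHost *:8080>
    ServerName legacy.example.org
</VirtualHost>
"""


def audit(conf_text):
    """Return (effective global Timeout, list of findings)."""
    timeout = DEFAULT_TIMEOUT
    findings = []
    vhost = None      # address of the <VirtualHost> being read, if any
    limited = False   # CbandRemoteSpeed seen inside the current vhost
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.strip("<>").split()
        if not words:
            continue
        directive = words[0].lower()  # Apache directive names are case-insensitive
        if directive == "virtualhost":
            vhost = " ".join(words[1:]) or "(unnamed)"
            limited = False
        elif directive == "/virtualhost":
            if not limited:
                findings.append(f"vhost {vhost}: no CbandRemoteSpeed limit")
            vhost = None
        elif directive == "cbandremotespeed":
            if vhost is None:
                # The post's advice: apply mod_cband limits per vhost.
                findings.append("CbandRemoteSpeed at global scope: move it into the vhosts")
            else:
                limited = True
        elif (directive == "timeout" and vhost is None
              and len(words) == 2 and words[1].isdigit()):
            timeout = int(words[1])
    if timeout >= SLOW_THRESHOLD:
        findings.append(f"global Timeout is {timeout}s (not below {SLOW_THRESHOLD}s)")
    return timeout, findings


if __name__ == "__main__":
    effective, problems = audit(SAMPLE_CONF)
    print("Timeout:", effective)
    for problem in problems:
        print(" -", problem)
```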

EC calls for one world internet governance

Chronos
Flame

ICANN

For once, I am wholly on the side of the Americans. Leave the bloody thing alone! ICANN and the US have done a sterling job of running the Internet's infrastructure (DNS, IP allocation etc) in a "hands-off" manner with the RIRs for ages and long may it continue.

Let the EU stick its bloody bureaucratic noses in and it'll be task groups for this, committees for that, nothing will ever be decided and the whole thing will grind to a satisfying (for the EU, natch) stop. Far better to have a single point of contact capable of unilateral decisions in matters technical run by technical people than introduce politics and apply the ideas of broken democracy to something that just needs to bloody well work. Take signing the root zone as an example: Do you really think that would have been decided within months (OK, years) with a load of half-wit politicians from the EU having a say? We'd still be stalled over the signing algorithm while the EU tries to get the actual work pulled from Verisign/ICANN and awarded to an EU puppet organisation hampered by "oversight" meaning nothing would ever get done without EU approval.

Didn't we go through this shit before? Perhaps they think the number of AOLers who have crept into ISPs' upper echelons has reached the level where only they need to be duped to get majority support. That's the only explanation I can come up with.

Chinese firm hits back at cyberspy claims

Chronos
Thumb Up

@AC Sun 18:24

"Deny" on this system is equivalent to "drop" on others (in fact, drop and deny are interchangeable). It silently blackholes the packet and doesn't send a RST. With a few sysctl tweaks you can have this as the default behaviour of any closed ports exposed, too. The "reset" action would give the (bad) behaviour you describe. Good heads-up, though, and you're quite right that the "stealth" response to a blocked packet has always been best practice.

Chronos
Thumb Down

Re: When they stop port scanning, I'll maybe listen

/var/log # grep :1080 security | cut -d " " -f 1,2,3,8,9,10

Jun 12 11:51:56 Deny TCP 222.208.183.218:12200

Jun 12 13:27:39 Deny TCP 222.208.183.218:12200

Jun 12 15:04:04 Deny TCP 222.208.183.218:12200

/var/log # grep :3128 security | cut -d " " -f 1,2,3,8,9,10

Jun 12 05:25:17 Deny TCP 221.195.73.68:12200

Jun 12 11:52:04 Deny TCP 222.208.183.218:12200

Jun 12 13:27:48 Deny TCP 222.208.183.218:12200

Jun 12 13:55:23 Deny TCP 221.195.73.68:12200

Jun 12 14:25:56 Deny TCP 61.160.216.187:12200

Jun 12 15:04:13 Deny TCP 222.208.183.218:12200

Jun 12 15:59:37 Deny TCP 221.195.40.169:6000

/var/log # grep :8000 security | cut -d " " -f 1,2,3,8,9,10

Jun 12 05:25:21 Deny TCP 221.195.73.68:12200

Jun 12 08:13:55 Deny TCP 221.195.73.68:12200

Jun 12 10:41:27 Deny TCP 221.195.73.68:12200

Jun 12 11:52:08 Deny TCP 222.208.183.218:12200

Jun 12 13:27:52 Deny TCP 222.208.183.218:12200

Jun 12 13:39:25 Deny TCP 61.160.216.187:12200

Jun 12 13:55:24 Deny TCP 221.195.73.68:12200

Jun 12 14:04:51 Deny TCP 61.160.216.187:12200

Jun 12 14:43:18 Deny TCP 221.195.73.68:12200

Jun 12 15:04:17 Deny TCP 222.208.183.218:12200

/var/log # grep :8080 security | cut -d " " -f 1,2,3,8,9,10

Jun 12 08:13:57 Deny TCP 221.195.73.68:12200

Jun 12 11:52:01 Deny TCP 222.208.183.218:12200

Jun 12 12:45:59 Deny TCP 221.195.73.68:12200

Jun 12 13:27:43 Deny TCP 222.208.183.218:12200

Jun 12 13:55:26 Deny TCP 221.195.73.68:12200

Jun 12 14:04:49 Deny TCP 61.160.216.187:12200

Jun 12 15:04:08 Deny TCP 222.208.183.218:12200

It has become so common that it is considered Internet background noise. You won't get a reply from the controlling NOC and you won't stop it because it's a combination of Chinese people trying to get around The Great Firewall and the Chinese Authorities trying to get there first. Just blackhole it, let them hear the sound of one hand clapping and get on with your life.
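An added example, not part of the post above: the same triage as the grep/cut session, done in one pass in Python, grouping denied TCP probes by source and listing which proxy ports each source tried. The full log-line layout is assumed from ipfw's syslog format (the post shows only fields 1-3 and 8-10), and the sample lines are constructed with documentation address ranges.

```python
import re
from collections import defaultdict

# Ports the post greps for: SOCKS and common HTTP proxy listeners.
PROXY_PORTS = {1080, 3128, 8000, 8080}

# Assumed layout (fields 8-10 match the post's cut output):
# Mon DD HH:MM:SS host kernel: ipfw: RULE Deny TCP SRC:SPORT DST:DPORT in via IF
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+\S+\s+kernel:\s+ipfw:\s+\d+\s+"
    r"Deny\s+TCP\s+(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s+"
    r"\d+\.\d+\.\d+\.\d+:(?P<dport>\d+)\s"
)

# Constructed sample lines (documentation addresses, not real hosts).
SAMPLE_LOG = """\
Jun 12 05:25:17 gw kernel: ipfw: 65000 Deny TCP 198.51.100.68:12200 192.0.2.10:3128 in via em0
Jun 12 05:25:21 gw kernel: ipfw: 65000 Deny TCP 198.51.100.68:12200 192.0.2.10:8000 in via em0
Jun 12 08:13:57 gw kernel: ipfw: 65000 Deny TCP 198.51.100.68:12200 192.0.2.10:8080 in via em0
Jun 12 11:51:56 gw kernel: ipfw: 65000 Deny TCP 203.0.113.218:12200 192.0.2.10:1080 in via em0
Jun 12 11:52:01 gw kernel: ipfw: 65000 Deny TCP 203.0.113.218:12200 192.0.2.10:8080 in via em0
Jun 12 11:52:04 gw kernel: ipfw: 65000 Deny TCP 203.0.113.218:12200 192.0.2.10:3128 in via em0
Jun 12 11:52:08 gw kernel: ipfw: 65000 Deny TCP 203.0.113.218:12200 192.0.2.10:8000 in via em0
Jun 12 12:01:33 gw kernel: ipfw: 65000 Deny TCP 198.51.100.7:51514 192.0.2.10:22 in via em0
Jun 12 12:02:10 gw sshd[811]: Connection closed by 198.51.100.7
"""


def summarise(lines):
    """Group denied TCP probes by source address."""
    stats = defaultdict(lambda: {"hits": 0, "dports": set(), "sports": set(),
                                 "first": None, "last": None})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # other daemons, other actions, malformed lines
        entry = stats[m["src"]]
        entry["hits"] += 1
        entry["dports"].add(int(m["dport"]))
        entry["sports"].add(int(m["sport"]))
        entry["first"] = entry["first"] or m["ts"]
        entry["last"] = m["ts"]
    return dict(stats)


def proxy_hunters(stats, min_ports=3):
    """Sources that tried at least min_ports distinct proxy ports.

    Each row is (source, ports tried, hit count, fixed_source_port). A single
    source port reused across every probe points at a scanner crafting its own
    packets; an ordinary TCP stack picks a fresh ephemeral port per connection.
    """
    rows = []
    for src, entry in stats.items():
        tried = sorted(entry["dports"] & PROXY_PORTS)
        if len(tried) >= min_ports:
            rows.append((src, tried, entry["hits"], len(entry["sports"]) == 1))
    return sorted(rows, key=lambda row: (-row[2], row[0]))


if __name__ == "__main__":
    for row in proxy_hunters(summarise(SAMPLE_LOG.splitlines())):
        print(row)
```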

Apple security is 'struggling,' researcher says

Chronos

@B 9

I was going to go into ODFO mode, but I'll bite.

No, I'm basing my analysis of OS security on experience and ability. The Pwn2Own contest was mentioned to prove that it is usually applications, whether bundled or not, that compromise the host OS, assisted by users, which has been my contention since this little debate started. I also mentioned that MacOS got it up the Khyber first because it was the tastiest prize in the contest. Of course, you also missed the implication that ANY OS is only as secure as its apps and users, which I have been trying to point out all along, hence my mention of the Vista box getting rooted via Adobe software. Too subtle for you, perhaps?

Yes, Windows was dire with regard to security before the NT based Windows versions with a real hardware abstraction layer, a decent set of APIs with security features exposed by the kernel and NTFS became mainstream. This is not the case now, as they have similar security features as Unix based OSen (access control on the file system, per user controls, group policies, distributed authentication and so forth) so I'm afraid a lot of these arguments against MS Windows fall flat on their faces when you actually know how to use these features properly. Again, in case you missed it, I'm not talking about "out of the box experience" here. The home users can take their chances if they're stupid enough to trust any OS straight from the box. Might I also remind you that MacOS X's ipfw firewall is not enabled by default? I'll say it again: The prevalent issue with Windows security out of the box is users running as user Administrator. This, along with every other security issue, can be mitigated using the frameworks provided.

I might also point out at this juncture that I do not use Windows as my primary OS. I know some very knowledgeable people that use it, whether as client machines or as primary OS and, unlike some, I respect their choice of tool for the job. I have no ties to MS and I have less than zero interest in promoting their products. I do support Windows shops and I will service and secure Windows machines with equal facility to those loaded with my preferred OS. I simply think it is time to drop prejudice and zealotry and wake up to the fact these long-standing myths are nothing but an attempt to look smugly superior and disregard the fact that people are stupid. Now, if you'd like to engage in a privacy debate, talking about vendor lock-in or adherence to standards, you may find I appear on the other side of the fence. It's called being objective and sticking to the damned point.

Still, if you think you can claim the high ground by missing the point, go right ahead. And do try to be a little more imaginative with your next reply. Having my own little quip turned around and regurgitated, well, let's just call it pitiful. Do try harder, eh?

Chronos
Gates Horns

@ AC 14:16

Sorry, old son. Mustn't pretend to be superior without criticising Windows. I'll make a note of that on this here Post-It with my password on it (as if) and I've used the Evil Bill icon just for you. Doesn't that make you feel just dandy?

Any fairly modern (>NT5) Windows box is able to arrive at a state approaching the impregnability of any other OS given the right TLC. Disabling unused services making the possible malware ingress vector surface smaller, accepting sensible defaults and overriding those that aren't, removing admin privileges from ordinary users, paying attention to updates and security mailing lists (yes, ElReg can be useful, too), limiting the software installed or installable by users to a subset of well-tested and trusted applications, use of group policies and access controls, auditing third-party software packages for published flaws, ingress and egress filtering on the gateway and so on.

There are no design flaws in Windows that cannot be mitigated with best practice, just as there are no safeguards in *any* operating system that can mitigate poor administration, lack of maintenance and user fallibility. What has killed Windows' reputation with regard to security is a combination of a massive install base to target, the *vast* majority of Windows instances being run as Administrator by users sans clue at home (UAC is no substitute for the user having to beg someone with nous to install the latest BonziBuddy clone or crappy browser toolbar) with various crapware (Dell, I'm looking in your direction), spyware and P2P applications installed and, finally but most prevalent where Windows is troublesome in a corporate setting, incompetent "systems administrators" and clueless users. Those saying otherwise have never studied and used the Windows OS in the depth required to arrive at this relatively secure state which is the crux of the issue, unless you want to include those who think that for [insert OS here] to win, Windows has to lose (was it Jobs who said that about Apple fanboys criticising Windows for perceived but false issues? I forget).

Please, do remind me which was the first OS to fall in the last "Pwn2Own" contest, too. You would think that, with all the "fundamentally flawed" design decisions in Windows, it would be Windows and they wouldn't require user intervention, a browser or Adobe swiss cheese-ware to accomplish it. Perhaps they just didn't want a Sony Vaio and five grand? As it was, Safari failed epically, maybe because the MacBook was a more desirable prize. Yet again, a user-space application combined with user activity compromising the operating system, which was exactly the same way the Vista box was compromised in the next slot. Same shit, different OS.

Are we done with this debate now or, as the French would say, shall I taunt you a second time?

Chronos
Joke

Re: Funniest thing I've read in years

"Can anyone give us a list of the products that have been built with "security in mind"?"

Yes. Most everything Windows from 2000 upwards has been built with an eye toward security. The fact of the matter is that Windows, by dint of its shallow learning curve and lack of anything remotely considerable as complex to the outside, coupled with every damned service including IIS running by default or by mistake, bound to every single bloody interface, attracts the lowest common denominator *user* who is, in security circles, the most gaping, easy to exploit vulnerability of all. That includes those who go by the acronym "Must Consult Someone Experienced" as a server with a GUI that any old munchkin can go and click to get what looks like the intended result just encourages stupid mistakes. "Yesterday I couldn't spell sysadmin, now I are one."

WARNING: Foobar.exe is trying to modify the filesystem. [Allow] [Block]

What's your average luser gonna click? Not you, him. It's only your job to clean up after the thick bugger, bearing in mind that he's also a Power User (sic) meaning he has root on his own box, a legacy from the last MCSE that touched that domain controller and got fed up with the moron forever asking him to install a screen saver instead of growing a pair and cattleprodding the bastard for even asking, regardless of whether he's the Senior VP of Staff Toilets or not. Don't forget any network shares he has access to, will you? Should have used that group policy editor sooner and cleared the Power Users group of fuckwits, shouldn't you?

Jocular rant aside, the bottom line with Windows is that the lunatics have taken over the asylum. Nothing to do with the code, everything to do with the intended audience.

Chronos

!BSD

Thank you, Gordon. This is one of my pet hates. The kernel is a Mach hybrid (XNU) and the userland binaries are *derived* from FreeBSD and these parts are collectively called Darwin. MacOS X proper is everything else, including the kernel and CLI, and is proprietary. MacOS X, as a whole, could best be described as the "Mambo Number 5" OS: A little bit of BSD, a little bit of Mach, a little bit of Nextstep, a little bit of X(org from 10.5)... That's not to say it's not well engineered, just that it cannot be considered to be "SomethingBSD." It's MacOS X in its own right, with its own issues and quirks and it's up to Apple to maintain it, not Theo de Raadt or Colin Percival.

With regard to BSD flavours, Free can be as secure as Open, Open can be ported to as many platforms as Net, and Net can be as popular as Free. It's the defaults chosen by the project that count; OpenBSD starts out of the box with no services running at all. Do the same with FreeBSD or DragonflyBSD and they're just as secure. The Apache that runs on FreeBSD is the same Apache that runs on OpenBSD. Once you load that onto either system and poke a hole through pf for it, both are vulnerable to whatever Apache is vulnerable to, your "lowest common denominator" if you like. Similarly, load Firefox onto MacOS X and you're now vulnerable to everything Firefox is. Or Safari. Or iTunes. I could go on, but that would be belaboring the point.

Bottom line for absolute, guaranteed security is pick two: Software, net connection, power. Anything else is a compromise and a gamble that your chosen vendor of *any* software you use (or you) can keep one step ahead of the black-hats, which is basically the concern of the article we're all commenting on.

Microsoft architecture chief: Google Wave 'anti-web'

Chronos
Flame

Attack - Counter-Attack

You know, it's getting really tiring listening to these two behemoths slagging each other off all the damned time. Guys, the vast majority of us who have been around for a while are going to make up our own damned minds whether vendor lock-in or being dependent on several points of failure for access to our data is a good idea and we really don't need leading (and are experienced enough not to be led) around by the nose by your shallow rhetoric so just STFU, code and let the market be the ultimate judge, would you?

There's good fellows. I know people with chief in their title have nothing better to do in today's hierarchy of incompetence but this really is getting old now. All you're really doing is bleeding credibility every time you open your mouths as you really don't understand each other at all - and it shows.

Microsoft has always felt the need to dominate, by fair means or foul, any market sector it ventures into, locking people into their technologies wherever possible. Google has, from the start, needed to control information everywhere, using access to it and their own creations to barter for more. Neither of you understand the other's motivations. Both of you are morally bankrupt, having business models based ultimately on gaining absolute control of other people's property so that, once snared, people have no choice but to deal with you. You are both so similar that understanding of the other eludes you as you are both playing the same game with different score cards.

Google Squared - the Cuilest search app ever

Chronos
Joke

I can't help thinking...

...that the word "Squared" in that last sentence is superfluous, Ted.

I also can't help thinking that the result "kmacleod" is appropriate for where humanity is going, if you think dystopian authors, so it may well be relevant. Without the Lysergic Acid Diethylamide, too!

At long last, internet's root zone to be secured

Chronos
Stop

A little theory

OK, all you lot worrying about Verisign raking it in: ALL that should be in the root zone (.) are NS records of the TLDs and their DS sets if they're signed. That's it. Unless you are a TLD holder, you won't ever have to deal with Verisign. Your DS sets are never going to go near the root zone anyway.

When you finally secure your own zone, YOU publish the keys, sign the zone and your parent zone (e.g. co.uk., which in turn will have a DS set in uk. in the root zone) needs to import your DS set into its own zone. They don't sign your zone, you need no other outside services to deploy DNSSEC and if your parent zone isn't signed, you can use lookaside validation (in which case, the DLV publishes a DLV set rather than DS) instead. Honestly, guys, this isn't going to cost you a thing unless your parent zone starts charging. In fact, you don't *have* to implement DNSSEC at all. It's worth doing, though.

Validation on the resolver is simple, although keeping the trust-anchors current is a bit of a nuisance at present as, with no signed root, DNSSEC validation is very fragmented. Signing of the root zone should help immensely as we will eventually, assuming the TLDs play the game properly, only need the root trust-anchor in the resolver configuration which will probably get published in the same way as the root zone itself is.

Currently, key rollover is a pain in the arse (all sorts of timing rules and obscure commands to learn) but BIND9.6 has some useful tools (which I haven't read up on properly yet - I only upgraded to 9.6.0p1 when the .org zone got signed with NSEC3 on the 2nd) to deal with this little issue. All in all, DNSSEC is coming together nicely. What it isn't: Encryption or security on its own. What it is, which sounds a bit of a letdown after all the hype: Identity validation using a hierarchical PKI. However, that is rather useful on its own. Think PGP signed (not encrypted) e-mail verified using the sender's public key and message hash.
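An added example, not part of the post above and not BIND's code: how the DS record a parent zone imports is derived from the child's DNSKEY (key tag per RFC 4034 Appendix B, SHA-256 digest per RFC 4509), and the match a validator makes when it steps from parent to child. The owner name, algorithm number and key bytes are constructed placeholders, not a real key.

```python
import base64
import hashlib
import struct


def name_to_wire(name):
    """Canonical wire form of an owner name: lowercased, length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            raw = label.encode("ascii")
            if len(raw) > 63:
                raise ValueError("label longer than 63 octets")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"


def dnskey_rdata(flags, protocol, algorithm, pubkey_b64):
    """DNSKEY RDATA: flags (2 octets), protocol, algorithm, then the public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + base64.b64decode(pubkey_b64)


def key_tag(rdata):
    """Key tag over the DNSKEY RDATA (RFC 4034 Appendix B)."""
    acc = 0
    for i, octet in enumerate(rdata):
        acc += octet << 8 if i % 2 == 0 else octet
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def make_ds(owner, rdata):
    """(key tag, algorithm, digest type 2, SHA-256 hex): what the parent publishes."""
    digest = hashlib.sha256(name_to_wire(owner) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], 2, digest)


def ds_matches(ds, owner, rdata):
    """True if the parent's DS record vouches for this DNSKEY at this owner name."""
    flags = struct.unpack("!H", rdata[:2])[0]
    if not flags & 0x0100:  # Zone Key bit clear: not usable as a zone's key
        return False
    tag, algorithm, digest_type, digest = ds
    return digest_type == 2 and (tag, algorithm, 2, digest.upper()) == make_ds(owner, rdata)


# Constructed material: a child zone under co.uk. with a placeholder key.
OWNER = "example.co.uk."
KSK = dnskey_rdata(257, 3, 8, base64.b64encode(bytes(range(1, 65))).decode())
ROLLED_KSK = dnskey_rdata(257, 3, 8, base64.b64encode(bytes(range(2, 66))).decode())
PARENT_DS = make_ds(OWNER, KSK)  # the record the parent zone would import

if __name__ == "__main__":
    print("DS held by parent:", PARENT_DS)
    print("current key matches:", ds_matches(PARENT_DS, OWNER, KSK))
    # After a rollover the old DS no longer vouches for the zone's key,
    # which is why the parent's copy has to be updated in step.
    print("rolled key matches:", ds_matches(PARENT_DS, OWNER, ROLLED_KSK))
```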

Phorm woos browsers with personalised web

Chronos

BT

With BT being the primary proponent of Phorm, not only do I actively discourage anyone else from using them as their ISP (not that I EVER used BT as an ISP), I have also dumped them for the phone line rental (I went with the Post Office, but there's also some very nice deals from other companies, such as Primus, First Telecom, Euphony and so on, and you can still keep your existing ISP) quoting Phorm as the reason. The sooner these idiots realise that one breach of privacy usually leads to a loss of trust on all their products, the better. If you feel the same way about this, I ask you to consider boycotting *all* of British Telecom's products, which can be done without becoming a "cutting nose off to spite face" situation. If they can betray you with the Internet, what guarantee they won't betray you in other areas as well?

At present, we can only vote with our feet by boycotting BT, Virgin and TalkTalk, but doing so *completely* sends a clear message to anyone considering conspiring with this spyware company, and indeed anyone else using DPI, that we will not tolerate this sort of thing on our private communications.

Now Google tracking follows you out of cyberspace

Chronos

Re: The Google version of the MS paper clip

"You appear to have suffered a high speed head-on shunt. Would you like me to call the emergency services?"

No, I just threw this annoying block of plastic against the wall in a vain attempt to silence the bloody thing, although if you know anyone who can repair Googlephones and really wants every second of their lives in a database, you may want to give them a buzz soonest as there's one that needs "slight attention" laying on the floor, first-come first-served. Me? I'm gone...

Is there any chance of Google making the things issue an electrical shock, preferably the equivalent of winding the handle of a Megger with both croc clips attached to the scrotum, to any oik wandering down the high-street with one of these in the hand he usually uses for "other purposes," oblivious to the normal people who won't die of withdrawal symptoms if they don't get the latest ever-so hilarious text every five seconds? Google, for once, would actually be doing something worthwhile...

Rumor rubberizes iPhone 3.0

Chronos

One wonders...

...how much extra battery life they'd get without a "light-up logo on the back"?

Form over function as usual, pandering to those to whom a light-up logo is not a total waste of potential difference.

From the sublime to the ridiculous, it seems Mr. Farrell of The Inquirer has just discovered a static charge can be generated on certain plastic moldings, but only on Apple products.

http://www.theinquirer.net/inquirer/news/1137413/apple-earplugs-shock-users

Fascinating. Love 'em or hate 'em, Apple continues to get into the news.

Beeb tech boss seeks to expand TV licence online

Chronos

Hate to say it

...but I told you so. iPlayer was and is a trojan to get this pushed through. There was simply no other rational reason for the Beeb to spend as much as they have getting their programmes onto the 'net, a medium where every byte per second is a part of a finite resource.

Hacker claims whaling expedition harpooned Steve Jobs

Chronos
Joke

Look on the bright side!

At least the news that old Stevo is responding to phishes will keep Apple's stock afloat!

No, that was uncalled for: I'm better than that...

...no, I'm not ;o)

Google openness is a closed door

Chronos
Stop

Chrome != Open source

Unless something has changed, Chrome is *not* open source. The Chromium source is, which forms the basis of the fully open source Iron browser, but the end user binary Chrome is not built from the Chromium source alone, hence quite a bit of doubt about Chrome's true nature.

http://www.ghacks.net/2008/09/25/chromium-iron/

Site schools world+dog in browsing history pilfering

Chronos
Thumb Up

@Scott

Genius or not, that'll do the trick nicely. I always set browsers up in this way myself and got the same results from Startpanic [1] with three other tabs open on different sites, El Reg being one of them. Not so much a vulnerability, rather the browser developers pandering to the trackers and ad pimps. Those of us savvy enough will plug this hole (and a few others such as pre-fetching) as a matter of course.

[1] Well, it did detect that I was visiting their site. Big, fat, hairy deal. NoScript in global allow mode to give it a sporting chance, natch.

Electronics giants raise ruckus over Project Canvas

Chronos

Copyright != Patent != Standard

Copyright is automatic at the time of the creation of code. A patent bestows a monopoly on the inventor for a period of time. A standard defines an API/ABI/protocol/method of doing something, etc that guarantees interoperability (if you're not Microsoft and that standard isn't ODF). They are in no way dependent on each other. What is described here is a standard, which is not to say any Canvas code will not be covered by copyright (it will by default and they'll either get around this with a permissive licence or force you to write your own code compliant with the standard), nor does it preclude a patent or three where such things are considered to be useful.

It's a minefield and not as simple as some folks try to make it appear. 802.11a/b/g/i/n ad nauseam are standards. That doesn't remove the copyright on, say, Atheros' or Broadcom's driver and firmware code. Nor did it stop the Aussies getting a patent or suing HP.

http://www.theregister.co.uk/2009/04/06/hp_settles_csiro_patent_claims/

Chronos

@Cameron

Yes, but all our data, whether Corrie repeat or plain old e-mail, goes through these things called routers that are shared resources. They're the rows of stars that show up on your traceroutes instead of timings. Why stars? Because it seems the general public can't get enough of them.

There's a reason it's called the backbone. It's also breakable.

Despite my sarcasm, I do understand what you're saying. However, just because you can do something doesn't make it right. The issue here is fair use of resources (not the same fair use excuse that the ISPs use). The 'net has certain services that CANNOT be provided anywhere else. TV, on the other hand, has many solutions to the problems of getting the video to the consumer and missed programmes, the best being over the current RF network which is nearly 400MHz of space with which to deliver the service. In my humble opinion, broadcasting live TV over the Internet is a waste of valuable bandwidth and, while the catch-up services could *possibly* be justified in a world without the technology we have, they certainly aren't necessary when perfectly good DVR systems with EPGs are ubiquitous. They may seem expensive, but what price the Internet, bastion of free speech and open exchange?

Chronos
Flame

Embrace, extend...

They're still adding more and more video, streaming and on-demand services to the 'net? Wonderful. Embrace, extend, extinguish "accidentally."

1) I have enough bother keeping the advertising houses from snooping, without having the bloody TV to contend with;

2) The 'net is, by some accounts, already full to bursting with folks pissing about with video without the bloody Beeb et al adding [more of their crap than iPlayer] to it. Full or not, use the fucking broadcast infrastructure you've already got and LEAVE THE INTERNET ALONE! </rant>;

3) Open standards rarely are when championed by large corporations. We have Dirac on open platforms, but can you use iPlayer? I think not because of all the proprietary glue and DRM that holds it all together. FLV? Don't make me laugh;

4) Just another stage of their gameplan to require a TV licence where an Internet connection exists. See Ireland for details.

You'd think people would realise, but just one more way to get East-sodding-enders or some nauseating reality show and they've suddenly got tunnel vision. Heads up, sheeple: The Internet is for free exchange of information and communications, not bloody TV broadcasts. You might not think it, but something of value is being lost. *Some* entities don't like the idea of free exchange, so they conspire to overload the mechanism that allows it, be that with onerous laws or just plain too much data. We're under attack and you brainless shower are still playing cards in the barracks because the "nice people outside" gave you a crate of tinnies. Sod the electronics manufacturers: It's the fallout for us that worries me.

Flames and swearies, because that's the only language some people understand. Me? I give up. Everyone else has their head up their arse, the Internet (at least those bits of it physically located in this bloody unethical country) is heading for a slow death by consumerism and regulation and the entire ethos of being a netizen is lost in the mists of time.

Firefox users caught in crossfire of warring add-ons

Chronos
Stop

Eh?

"Regards ad block plus apologising, I don't see why they should, they're just following their remit to block advertising. Noscript's site was allegedly carrying the famous "You have a virus, install fake-av-which-asks-for-money" style adverts, which included pop ups."

Um, no, he had three Adsense ads. If what you say was on there actually was, then Google is to blame or someone/thing has redirected Adsense to something else on your machine (physician, heal thyself). Either way, Giorgio isn't responsible for the content.

I'm not defending Giorgio's actions, although I am shocked at the way he's been savaged by people who one minute thought his plugin was essential (it is. There are so many holes in Fx - all software sucks - that you have to mitigate at least the simple to implement attacks between updates) and the next thought that whitelisting his domains so the install and changelog links worked made him the antichrist. Ares2 has admitted, on NoScript's own forum, that Easylist was, perhaps, a little too zealous and that those problems existed with the links. No, the hyperbole and exaggeration coming from the detractors is getting a little ridiculous and fail-worthy now.

And you can bet your Moon Macrosystem (still giggling, you bastards!) that Giorgio's code is going to be audited by many, many eyes for the foreseeable. Accepted, most users aren't code-monkeys [1], but there are a fair number (what's 0.01% of a metric arseload?) who are. NoScript may even have its trusted status removed and have to sit in the sandbox for approval in future. AMO has already noted this SNAFU (how could they not with all the torches and pitchforks?) and made some policy changes.

[1] Saw some really clever folks talking about forking NoScript, a very ambitious project that I wouldn't contemplate taking on, and asking all and sundry where the code repo is. There must be one to comply with the GPL, apparently, but the code was nowhere in sight. Christ on a bike, these people are so smart! I was so impressed...

Moon Macrosystems - How to build a better Sun

Chronos

Tee hee!

I must be in kid mode today. The Moon Macrosystems logo had me giggling like a six-year-old. I'd hate to have to take the Rorschach test. Everyone else thought I was mad.

NetBSD, Mandriva get shiny new releases

Chronos
Joke

Hook, line, sinker...

...rod, reel, fisherman and copy of the sodding Angling Times.

Advice to author: Wait for the next OpenBSD release, announce it in the same vein and watch Theo go ballistic, especially if you refer to the ath(4) driver as a variant of MadWiFi's Ath5K ;o)

DSGi plans £310m rights issue

Chronos

Um...

In English, please. I don't speak bean counter. At least explain what a "rights issue" is for those of us more practically inclined and unfamiliar with the "make money out of thin air" type fantasy worlds these accountants often inhabit.

For those like me:

Rights Issue

One of the ways that a company can raise additional funds is to issue new shares. These new shares must be first offered to current shareholders and a rights issue allows a shareholder to buy an additional number of shares for each share held. For example, a two-for-three rights issue entitles shareholders to buy two additional shares for every three owned. Rights can be traded in the market.

(http://glossary.reuters.com/index.php?title=Rights_Issue)

How the hell does this work? Looks to me like they're diluting their existing shares. To my mind, they're not worth any more than they were before they started, so issuing new shares simply devalues those already held. Am I wrong? Money out of thin air indeed.

Meet Phorm's PR genius

Chronos

@MinionZero

Chill. I agree with most of what you say, especially the real power being in the hands of the majority of the people, if only they'd realise it.

However, calling Smith a bitch isn't the way to go about peacefully stating facts. It is my opinion that Smith is an easily led mouthpiece for a particularly nasty NuLabour group, the control freaks. She's following in the footsteps of Straw and Blunkett, who were just as bad but less far down the road they've chosen for us.

As for Phorm, I'm still not convinced this isn't a diversion from other privacy-damaging technologies creeping in from the sidelines. NebuAd, Kindsight et al are one consideration. Then we're seeing ever more onerous duties to log and track being placed on ISPs, along with more and more of our personal details (medical records, credit records, driving licences etc.) in the hands of government and corporates being pushed onto "the cloud" where any old munchkin may just find his or her sticky, unethical mitts on it. Are we as concerned as we should be about these other issues right now? You see, it's just a little too obnoxious to be real. They picked the most arrogant man on the planet, the ex-CEO of a malicious and slippery spyware company (actually, didn't Phorm suddenly metamorphose from the cocoon of 121-media's corpse? Yet another transparent link to their slimy past), to head the thing up and I just can't shake the feeling they've got exactly the response they wanted, along with the exclusivity of attention that means other issues are beneath the radar. Even the name smacks of malicious activity: Phishing, phreaking, pharming and Phorm. I also find it *very* interesting that Google haven't joined this debate, given that they're direct competitors in the marketspace and that Phorm will only ignore sites that the Googlebot can't scrape either, a very anti-competitive practice. My twisty, Machiavellian mind just can't get over the idea we're being manipulated.

The bottom line to all of this is how do we control access to our PII (personally identifiable information)? Regardless of who the players are, once this question is answered to the satisfaction of the public we can then push legislation to ensure PII is treated with the respect and security it deserves by all comers and penalise those who don't in the appropriate manner. Until that is done, we're no safer regardless of whether Phorm dies or not.

Of course, defining PII needs to be the first step, which is proving to be a little more tricky than first meets the eye. Personally, I'm convinced we're going about this arse-backwards right now. Forget Phorm as *the* entity to destroy. Yes, it would feel good to be rid of them but it doesn't address the correct issue. What we should be concentrating on right now is law protecting our privacy online, the role of ISPs as conduits and the security of personal communications. Until such time as that is ironed out, we'll be forever at the mercy of the data miners and profilers.

Homer Simpson 'nuclear waste spill' panic at nuke sub base!

Chronos
Thumb Up

Makes one wonder...

...just how many Plastimo Iris compasses (yes, they glow, and they're slightly bigger than a Timex) get dropped overboard, doesn't it? I routinely wear one on a neckstrap when I'm out playing floatabouts. Does this mean I'm a radiological hazard or does it just mean that I'm out of the gene pool?

Top stuff, Lewis.

Oh, just one more thing: Tritium == keyring for most of us who have been here for more than ten minutes http://www.theregister.co.uk/2004/12/07/glowring_returns/ How many of these per atomic sub?

IP minister rules out 'three strikes' disconnection law

Chronos
Unhappy

@kevin

It's currently illegal, technically, to rip tracks from a legally owned CD to such formats as FLAC. You have no format shifting fair use rights in the UK, although a blind eye is often turned to such activities (or, to quote the review, "it is difficult to enforce"). It follows that downloading tracks is also illegal and, in my opinion, is easier to enforce as the uploader may not have a legitimate licence for those tracks and certainly won't have a licence to distribute, or the "right to copy" which is really the core of copyright legislation.

However, the recent copyright review addressed the former issue and recommended an exemption (recommendation 8).

http://www.ipo.gov.uk/consult-copyrightexceptions.pdf ***WARNING*** .pdf file. Page 15 addresses format shifting. I can't see anything in the review that addresses downloading already licensed tracks, so I doubt this will ever be legal, but who is to say you didn't rip that track yourself? Oh, yes, the ISP who will be monitoring your connection for P2P. Silly me ;o)

Microsoft names Windows 7 RC1 dates

Chronos

@Jonathan Schofield

"Also the RAM runs at 60 - 80 % even when nothing is open."

This is a *feature* of advanced OSen, not a problem. RAM is faster than disk, so cache and buffers for most-accessed data are a better thing than oodles of RAM sat inactive. BSD does this too, and prompts the same question on the mailing lists time after time. What you need to do is test your apps and check the paging, not criticise the initial memory allocation. A good OS will swap very little until it runs out of physical memory, abandoning its buffers in favour of currently active data instead of paging them out. In my experience 7 does this well, as does BSD. It's such a recurring question that it merited a FAQ:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/misc.html#TOP-FREEMEM

Not a fault of Microsoft. They're following best practice in this instance.

Chronos

Don't give a flying fsck?

I doubt it. If you're an IT pro you're going to be dealing with 7, like it or not. Get a grip, for Christ's sake! Lose the prejudice, grab the RC and test it. Whether you're a rabid anti-Redmond Loonixer or a misguided MS fanboy, professionally you'll need to be familiar with this OS as it's far more logical, reliable and stable than Vista. OEMs are going to be installing it on most new machines and users, consumers and management are going to like this iteration of Windows, I guarantee. This RC is your opportunity to get an advanced preview of your new workday, assuming the RC is near enough to the final RTM code, so this article is very relevant to anyone who deals with users.

I agree with Ash. I'm primarily a BSD user (a rabid, simple permissive licence loving, code patching, geeky, control-freak, my-computer-my-rules, paranoid freetard) considering updating his (legitimately licensed - all my shit is legitimate, even my FLAC collection. I'm not *that* sort of freetard) aging Win2K partition to Windows 7 on the strength of the beta alone. Sorry to disappoint all you freedom fighters but MS seem to have the first major win since 2000 on their hands and, if they don't screw it up, you'll be seeing a lot more of it.

Bottom line: This isn't Vista and operating systems aren't religions.

Cameron: Give the UK's health records to Google

Chronos
Go

Double-U Tee Eff?

This just gets worse. I think I'll pass on voting in the next general election, simply because I can then evade blame for the resulting asshattery. Google? Google is the biggest threat to privacy ever conceived. I'd rather have NuLabour's über-database than Brin and Page gawking at my health records and silently selling these on to insurance companies - not that I could, in all conscience, ever vote Labour again. Check the smarmy bastard's share portfolio...

Labour: Hypocritical Big Brother control freaks. Conservatives: Clueless self-interest. BNP: Racists, bigots and xenophobes. UKIP: Blinkered, single issue incompetents. Lib-Dems: The less said the better. Internment camps for chavs (check out last election's manifesto)? We'd be a laughing stock. Plaid: Who? The local candidate made me smile at his insistence on discussing his "plan" to re-nationalise the railways when I raised the civil liberties issue, like I gave a shit about what is, in all truth, a freight network never designed for passengers in the current political climate. What's the point? You can't get a straight answer out of any of them.

Oh, just as an aside, how can they justify going on about "The War Against Terror," Iraq and Afghanistan in one breath, then say we have the largest public borrowing figure in *peacetime* the next? They must think we're stupid. And well done to Broon's people for deflecting the flak away from Wacky Jacqui's expenses and onto some replaceable aide for those e-mails. Rather neat was that bit of work.

Proceed. Because they probably will, whoever they are.

Ask.com rehires butler Jeeves

Chronos
Coat

Google rip-offs?

It has to be a Google rip-off really, doesn't it? Google is the de-facto standard for search after all. Anyone who wants to compete is probably stuck with the textbox-search button simple model for its UI, otherwise they're not going to attract punters. Yahoo search, Dogpile, Ixquick, Altavista and Ask all have this UI in one form or another. I seem to recall Altavista was configured this way before Brin and Page had their little misspelling Googasm. [1]

Google's success isn't just the effective search engine, either. They're now a single sign-on for search, mail, remote storage and other nifty apps. Remember, we're dealing with a majority who probably have a Post-it with their password on it stuck to the monitor. They love simplicity and this is another area where Google shines. Now that the endless September has proven resistant to all efforts by the geeks to reach October with the non-technical growing in number almost exponentially, Google have it all wrapped up and the competition don't stand a chance, regardless of UI. They're the new AOL portal for the masses, a household name and even a verb, regardless of ISP, playing to the cheap seats. We geeks are just a very small minority on the 'net and the ideals of the early 'net are long dead, as evidenced by the marketing "monetization" of the web. It's now just another service for the general public and Google's services fit right in with this, so here is probably the wrong place to discuss the whys and wherefores of search on the modern Internet. Geeks have different needs, we're a niche market and we don't represent the majority of the 'net any more.

[1] Well, waddaya know? http://web.archive.org/web/19961022174810/http://www.altavista.com/ So one might say Google is an AltaVista rip-off. I'll get me coat...

Wikimedia becomes latest to ban Phorm

Chronos
Stop

One little niggle:

We have the same issue here as people opting out have: We still have to take their word for it that our traffic goes nowhere near their insidious L7 inspection boxes. Make no mistake, this is what we want, a verifiable opt-out which means our traffic goes nowhere near that cesspool of privacy fail. We (and the Phorm-stricken punters) just aren't getting what we want.

And what's this "request" bollocks? DEMAND, not request. I ORDER you shits, with whom I have no contractual relationship whatsoever and an expectation of privacy with regards to my personal communications, not to route MY traffic anywhere NEAR your layer 7 spyware crap. That, and ONLY that is good enough.

iPhone beta OS cracks before release

Chronos
Flame

GRRR!

"a community whose primary motivation is the use of stolen software"

Got any proof of that assertion, sunshine?

Conspiracy theories aplenty as Amazon delists gay books

Chronos
Flame

So...

...this is what the Internet distribution model looks like, eh? Censorship and bigotry. Very nice. When does the burning of the dead trees start - just so I can hide mine, you understand. Now I know why they called that beastly thing "Kindle."

Fire, woo hoo!

Google throws secret auto-updater to open sorcerers

Chronos
Stop

Innocuous?

There's no such thing as an innocuous data leak. If it's done behind your back, without your permission, it's a security breach plain and simple.

Google: Don't be evil - because we're watching you. One wonders if Brin, Page and Schmidt are pals of Wacky Jacqui...

Scareware scammers adopt cold call tactics

Chronos
Stop

Why...

...is there no effort on the part of law enforcement to eradicate this crap? Here's the idea: Get a few credit cards (or one-time card numbers issued on a case-by-case basis through an automated system similar to that in use in the USA for one-time prepaid cards) specially issued in collaboration with the CC companies which flag up a merchant's account as soon as they're used, "honeypot cards" if you like. Issue these to a few good, trusted researchers and let them reply to these scams. Result: The scammer's financial resources flagged and monitored (and money frozen - one use of a honeypot card freezes the merchant's account without further ado) until a case can be brought or a mistaken use of the honeypot card rectified (there will be a couple, I have no doubt). You could probably do the same with PayPal, a honeypot account that immediately removes the scammer's ability to withdraw funds and freezes the account, although PP seem to give less than a rat's posterior about fraud these days.

Sod technical countermeasures, hit 'em where it hurts. Once they can no longer make money in this manner, they'll lose interest in the malware. It's so simple I can't believe it hasn't been suggested. It's also sneaky, underhanded, almost undetectable until it's too late and so much fun to imagine the scammer suddenly without access to funds after rubbing his greasy hands at the thought of yet another sucker, so it appeals to my darker nature and my finely tuned "fight fire with fire" sense of justice.

Yes, it verges on vigilantism, which is why I said trusted researchers. Anyone legit has recourse to the courts. Anyone scamming would be stupid to complain as it would immediately give away their identity, something no 'net scammer wants. Then, once the case is proven, simply get the transaction records, reverse the transactions and the 'net becomes a more trustworthy place, the CC companies aren't covering losses to scams and everyone is happy. Except the scammer, of course. If he fights it, he's identified. If he doesn't, he's gained nothing. Win-win.

China restricts online video after YouTube police beating

Chronos
Dead Vulture

AOL3!

That same thought struck me immediately.

Icon: Replace REG with LIBERTY or perhaps the ability of the public to see what their public servants are up to.