Posts by Chronos

Re: Alternative solution?

Still irrelevant. Canada has no jurisdiction over a Chinese company. In fact, unless any US or Canadian resources were diverted through Huawei's shell company they have exactly zero grounds to detain a citizen of a foreign nation, regardless of that nation's status or involvement in a trade war with a straw-headed moron. Those sanctions only apply to subject citizens and corporate entities. Germany has flat-out told Arsenoise to go piss up a rope with them this time around. Ms Meng was just low-hanging fruit and they're relying on their "China Bad" propaganda to stop the general population thinking too much about the precedent this nonsense sets.

In Moriarty's Spin series of novels' timeline, the US is listed as a rogue nation by the UN. I think I begin to see how it got that status. If we're going to take the moral high ground, that pinnacle had better be built on solid foundations rather than a gilded turd sitting atop a load of self-interest.

Re: Disabling UPnP completely isn't such a bad idea

Quite. I've removed miniupnpd from my OpenWRT builds and exactly nobody has complained.

Re: Great plan Timmy.

Especially when the core of your OS is built from code they built...

No, no, no! It's a drunken skip shag between the Mach microkernel and the BSD userland and nothing to do with Linux or GNU at all. I can see why abandoned big cats for their code-names; some people obviously couldn't resist lion about it...

Re: Fed up with these nonstop security issues

And, therein lies the problem.... the "miscreants" would probably never know anything about this let alone exploit it if these issues were never made public to begin with.

Security by obscurity, compounded by the fact that the underlying issue is pretty much the same thing. Please hand in your geek card at reception.

Re: I stopped right here...

Systemd!

Devuan, Debian+sysv-init, many others that I haven't tried because Devuan is familiar enough to me that I didn't see the point...

Don't conflate Lennart's pet project with Linux. As an aside, I'm wondering if the corpse of SCO isn't twitching again since IBM bought Red Hat. Big Purple.

Re: Tough

Most users aren't going to notice when Firefox or Chrome automatically start using DoH first (if available) rather than your defined settings, and will only fall back to standard DNS if DoH fails.

Already happening in Fx; see network.trr.* in about:config.

What we really need is some opportunistic crypto that doesn't attempt to identify the endpoints. For a start, it'll make encrypting SNI so much easier. Once you have your secure channel, then do verification and close if it fails. You've only signalled your intended destination to one host rather than lit a huge neon sign for any old nosy bugger to slurp.

Making Google, Cloudflare or Quad9 your one-stop shop for DNS really isn't protecting anyone's privacy, a problem which exists in both implementations.

_{Disclaimer: Stubby user, so I'm probably biased against DoH, not that I can't see DoT is riddled with exactly the same issues.}

Re: A tiny step in the right direction

Think about the tax on insurance policies

That one is a particularly regressive tax, especially when applied to things like motor insurance and buildings cover which are legal or contractual requirements for many of us. VAT on utilities when many people are in fuel poverty is utterly insane.

The other one that really grinds my gears, literally, is paying VAT on fuel duty at the pump. It's value added tax and I see no value in dead money going to the government for idiots like Crapita to waste which, incidentally, did not seem to be a casualty during this period of austerity when everyone was supposed to be sharing the pain.

It would make a huge difference to people's confidence in the system if it were fair and the proceeds were not being squandered.

Re: OK. Calm down. Fake news etc.

I suppose if you squint and look at it a bit sideways you could have a point. The fact remains that a company whose core business is that of communication miscommunicated a policy change. How do you know the droid you spoke to has it right and it's not just a "FFS, tell them anything, I can't handle all this crap on a Thursday" directive from middle manglement?

Competence? They've heard of it. Lovely name for a girl.

ObNitpick: Would that not be SPI? I²C is serial clock and data.

Re: China

Name one national government that isn't evil. Chronos's comment was meant to put down the US, period.

No! It was meant to put down blind faith in western "democracy," i.e. the pre-selected choices we get to elect the usual bunch of corrupt incompetents every single time, as the epitome of human advancement in government. You completely missed the point when I switched from "The US" to "The West." While we're lobbing rocks at China, we're not sorting our own shit out. "Better than them" == "dryer than the sea" and is no cause for celebration or declaring the job done.

This little island and Europe are currently deadlocked in a battle to see which bunch of corrupt incompetents gets what slice of the pie to waste - and waste it they will, whoever wins. Granted, they won't have big limos and massive security retinues - oh, wait...

So no, I'm not chucking rocks at the US. I'm chucking rocks at the people who meekly accept this system that only delivers misery time and again, myself included as my sole contribution to protesting this situation is to refuse to take part aside from making snide comments on El Reg. At least you folks have write-ins on your ballots, for all the good they do...

Re: The problem is...

- The Xiongmai CCTV controller software is a _large_ stripped monolithic binary, but it actually contains a number of subcomponents (an OS within an OS?) and whilst attempts have been made to obfuscate what is in there, GPL symbols abound, as do the signatures of a number of GPL packages

Aye, the infamous "Sofia" binary. Realistically, the only way to secure these things is to filter at the gateway by MAC. Even then, a malicious local operator could easily break into the things or a zombie Windows box could deliver the payload, change the MAC with the nvram utility that is present on these things and bypass the filter.

It's a shame because the hi3518 with the OV9712 sensor is a pretty capable little night vision system. If they opened the source for these things they'd probably sell millions more of them, especially if one were able to set up only rtsp, motion alarm (I have a listener daemon for XM alerts which spawns an ffmpeg 30s recording) and a simple control panel for the settings. Add MQTT instead of the XM proprietary alarms while we're at it...

This is exactly the sort of thing that keeps us coming back here time and again. People who have received a humour bypass are going to be offended, usually because many a true word is spoken in jest.

For the intended audience, it is pitched perfectly and poor taste is infinitely preferable to none at all.

Here's a clue. My nearly five-year-old Moto G (the original one) still gets regular updates via LineageOS. There's a new build out every Wednesday and I tend to install them monthly.

*Applause*

Moto Gs less than or equal to v4 are built like brick outhouses, reliable, fast enough for anything but gaming and have more accessories than you can shake a stick at. Mrs Chronos has a Moto E. It's not as fast as a G but it still runs Nougat, gets an update a few days after AOSP vulnerability day and doesn't spy on her.

Even replacing the "built-in" battery for a G is a doddle.

I made the mistake of buying into the Wileyfox hype with the Storm (which just got Oreo from Lineage - not bad for an obsolete model that, before they went TITSUP¹, they disavowed ever producing) when I really should have bought a Moto. Lesson learnt.

_{¹ Total Inability To Secure Useful Profits, mainly due to titting about on Twatter and Farcebook instead of dealing with issues. And no, the bloody magnetometer still doesn't work and the LEDs behind the softkeys winked out one by one, never to return.}

Re: We are down to cat milk

Yep, it was never the same without Norman. Even the 8th series with its nonsensical nanobots recreation was worth watching just for "Gawd, I hope we don't get spotted by the rozzers. They don't like it when you're rat-arsed."