Posts by Pascal Monett

"there isn’t a lot in it"

Well whaddya you know, maybe this time Microsoft will manage to not break something.

Maybe.

In any case, I'm no longer on the sidelines because my wife now has a work laptop with Windows 1 0 that I am desperately trying to find the way to properly lock down. It's a "clean" system, in that it has obviously been wiped and reinstalled, so I am hoping that I can stay ahead of the rot and stop the creep.

Windows Update has been disabled, of course. I'll enable that every now and then, for the security updates, and that will be all.

A 30% discount just for cooperating

What the frak ? Isn't cooperation supposed to be MANDATORY ?

If you don't cooperate, multiply the potential fine by 2, I say.

Bluetooth, good idea

Especially as I have it turned off by default, like WiFi and mobile data.

So please go ahead and base all your advertising on that tech so I can walk through blissfully unawares.

Now wait a minute

"AI is able to learn sensitive information, such as personal preferences, from a vast amount of seemingly insensitive data"

Yeah, but up to now, all that data is made available to the statistical analysis machine that is not AI. The machine does not go look for it itself.

Now, I am sure that it could be possible to surf Facebook and Twitter and glean some info about a specific target, but unless you have your malicious pseudo-AI sitting inside the company you want to attack, or you have compromised its network to extract that data, I don't see how it could capture the vast amount of data it needs to analyse.

"a huge disincentive [..] to set up a 2FA option"

Well FaceBook is a huge disincentive. With its history of ignoring the law and any sense of morals as long as it can get away with it (and a bit longer if possible), I am astounded at the number of people who blissfully continue to give Zuck their private life, giftwrapped.

And with all the information easily found on the Internet, with all the proof of its shady behavior, I'm sorry if I consider that people don't really have the right to complain any more. You put your life on FaceBook, you know Zuck is going to aggregate it, mine it and sell as much of it as he can.

"Neural networks are only really good at memorising the patterns seen during the training process"

It's a computer blindly following its programming. It is not AI, and slathering it in market-speak and statistical mumbo-jumbo will not make it AI, ever.

What was that ?

"..Intel CPUs permitted to run Windows 7.."

Permitted ? I would have thought that a CPU will run everything it can, and if it can run Windows Advertising Version then it can run Windows Useful Version as well.

They call that a dance ?

It is utterly lame and ridiculous. Epic is right to present excuses, but chose the wrong subject.

“We’re continuing to work on your most requested features”

Um, really ? In that case, pray tell, how many users asked for Skype to be terminated ?

You're pulling a Trump there, Microsoft.

Oh, I forgot. You meant to say that you're continuing to work on the most requested features that you like.

Carry on, then.

"This unjustified action by the SEC..."

Given what I have read here, the action is hardly unjustified. You have not yet bought the SEC, Elon, so stop listening to your yes-men and face reality : you may be a billionaire with a lot of support, but you still have to behave under the rule of law.

And post-justifying your tweet by having meetings with Goldman Sachs practically proves that the SEC is right.

A malicious voter ?

"If the card reader has wireless NFC support, you can hold your NFC smartphone up to the voting machine, and potentially cast a ballot many times over."

A "malicious voter" may do that on purpose, but I'll bet that many perfectly honest voters might just present their NFC-enabled phones more than once simply because they're not sure their vote was recorded properly. No malice needed.

The whole sorry saga of electronic voting machines paints a vast canvas of clueless PHBs barking orders at harassed coders who couldn't give a shit and just churned out whatever met the specs, with a cursory test to make sure the bloody thing didn't crash on the first try.

Facing such incompetence, I think it is very unlikely that the NSA had anything to do with this - it's just the cherry on top of a mountain-size cake of incompetence and carelessness, frosted with greed.

Just one suggestion

Make sure the BOFH does not have any access to this system, otherwise the whole concept falls apart.

The guy reviewing and querying the security database should not have any admin access, and the network sysadmins should not have any access to the security database.

If you don't have that, you have a large collusion risk. And you can forget detecting admin-level insider stuff if the sysadmins are the ones controlling the security database.

"While there's a bit of cost to set that up, it doesn't cost much."

Exactly. Yes, laying fiber is costly, no argument there. But once the fiber is in place it costs next to nothing to have the data flow, yet telecoms are always talking about how expensive everything is to get working.

Not true guys, you're just milking the cow to the fullest. Once your initial investment is recovered, bar any unfortunate backhoe you're sailing in clear seas, money dropping like rain every second.

Besides, the benefits these companies regularly post is proof enough. Comms is a better business than casinos - you're fleecing everyone and it's legal everywhere.

I do not see this becoming workable

I resent the fact that the researchers seem to consider that making a game level is just placing blocks and sprites like you sprinkle powdered sugar on a cake.

Making a game level requires at least two things : having a goal in mind, and planning out how you intend to reach that goal. Statistical analysis machines fail on both of these counts.

A good game level is made knowing the game mechanics, to be able to create areas that are of a specific challenge. Well placed, such areas can be simultaneously very desireable and very difficult to hold or go through. It is that combination of hard and yet unable to resist that crafts the best levels.

No computer will be able to attain that level of craft just by looking at existing maps because no computer can understand either the word "difficulty" or the word "desire".

But hey, they got grant money, so it's all good.

"the rule would unfairly favor giants"

Oh, so you recognize that you're not a giant ? If you were one, I'm sure you'd be quite happy about that rule.

And, IIRC, it seems to me that Oracle has a long history of telling everyone it is the giant in the RDMS space, elbowing everyone else out of the way with gleeful abandon.

But, as usual, some billionnaire doesn't get his way, so the toys get thrown out of the pram before the brain engages. Tsk, tsk.

Only alternative ?

Should it not be possible to configure the mailserver to count the number of outgoing emails and block with an alert when a limit is reached ?

If your org generally sends a few emails a day, you would set the limit at, say, 50. If you get a message that said limit has been reached, you have time to check the how and why and correct things before resetting the message count (larger organizations could also evaluate their mail sending habits, but I suspect they'll have more powerful tools at their disposition).

That should be rather simple to implement, no ?

"AggregateIQ has never been and is not a part of Cambridge Analytica"

Of course not, we get it.

You're a different scum.

Yup, Real Life is tough

These statistical analysis machines are going to have a hard time analyzing reality.

AI does not exist, and any use of the term today is abuse.