Posts by Pascal Monett 18232 publicly visible posts • joined 10 Apr 2007
I'm guessing we're going to see them get a whole lot bigger as well, then.
Because smarts is based on data these days, not on AI, so they're going to need some sort of data storage. Even SSDs will add some bulk to a camera that doesn't have storage now.
My Android is on Nougat, and I have zero options to upgrade outside of rooting the phone, which I have no intention of bothering with.
On the other hand, after having checked, I found that the security package is dated February of this year - so there's that at least.
Not true and not entirely fair. Coders are very accountable to their management - fail to bring a module out on time and on spec and you risk the pink slip, especially if it happens regularly.
Having warned that security is insufficient and risks are present just makes you a nuisance, an obstacle in the way of the PHB who wants to brag and show off his new toy, or wants to look good to the board.
I doubt very much that there are that many developers who don't give a fig that their application can be compromised and used against the user. I think most devs would react to such news if they had the chance.
Most, that is. I know a few who really, honestly don't care as long the money keeps rolling in.
I don't talk to them.
No, it certainly won't, but the fine is still in the millions, not in the tens of thousands, so there's that.
Then there's the fact that it represents a day and half of not raking in the dough, which always makes the board wince.
Finally, there's the fact that they got fined, and a repeat offense will likely cost more (at least, one can hope).
Personally, I'm just glad that a company screwing its customers got a multi-million dollar fine. There's not enough of that.
Signature-based protection is an after-the-fact approach - you have to have the virus locally before a signature-base AV can scan it, and that means you run the risk of triggering it before the AV can check out the file.
Instead of using signatures, an activity-base approach might be better. On a clean system, the AV creates a record of legitimate programs and kernel programs. After that, anything trying to modify those files is stopped cold, with a warning. Any process trying to access memory it shouldn't is frozen and quarantined. Any new application installed is sandboxed until its activity has been thoroughly analyzed and found acceptable, then it stands a chance of being whitelisted. Any whitelisted program trying to modify the kernel generates a warning for the user before the modification is allowed to complete.
Of course, the problem with this approach is that security is basically user-based, so the user has to know what he is doing.
And with that I realize that I have just shot down my own theory. Bugger.
And on top of that, we're going to crow about how that will diminish power usage of the CPU.
Please.
You're adding a new process to an already non-trivial workload. Don't try and find advantages that don't exist. I don't give a flying one that the CPU is burning less hot if my GPU suddenly has an entirely new workload that it wasn't designed for and I never expected it to have.
What's next ? Is intel going to tout a new architecture which just offloads everything to the GPU ? And then cry victory over having permanently lowered CPU consumption by 90% ?
Bollocks, I say.
I would take that as bad news. It seems that the moon mission is on hold, or at least severely set back.
Which is contradictory when China declares that the launcher's problems have been dealt with. If that is truly the case, then China should have given a new timeframe immediately, with enthusiasm.
But no. No more problems, and no moon launch timeframe. Those two things don't go together.
It doesn't look good.
Given that the IETF is the polar opposite of ICANN, I am confident that serious discussions are being had, opinions are being taken into account, and the IETF will have a proper charter and all that jazz in the timeframe they have themselves appointed.
In other words : a normal transition, managed normally by reasonable people in a reasonable way.
And that is just about as different from ICANN as can be.
Wah, wah, we can't read your mail so we ban you.
One has to wonder just how much security the nation has if citizens cannot go about their private business without being spied upon. But this is Russia, where the cadaver of the Soviet Union has yet to be buried and it's stinking up the place like usual.
That stink is contagious, however, and our own, supposedly "democratic" governments have long learned just how interesting that smell is to them. What is frightening is realizing that politicians may change, but the newcomers get infected all the same.
I don't need to, because the sites that have not been whitelisted by now are not going to be if I go to a new page and they are required.
My NoScript is set exactly how I like it, with the sites I know and trust whitelisted, and everything else consigned to oblivion.
That is how I surf in peace. If a website cannot work with my settings, it is not a website I wish to linger on.
That said, I agree with you that I shouldn't have to do anything to not be tracked, but hey, this is the Internet. Anyone can do what they want, and most do exactly that.
I agree. Every single update ever made is usuall for either adding functionality or adding more code to improve existing functionality. Removing functionality has practically never happened, especially at kernel level.
And it will likely not happen again before quite a while, because when we get to the point where we can retire x86 architecture, well I think Linus won't even be around to do the removing.
And neither will most of us.
"In the US State of Georgia’s a proposed hacking law could criminalize researchers for doing their job"
So many stupid things have happened there.
That's 1.1%.
I think we can agree that an issue not affecting users created by 1.1% of app developers is not a problem. It's worth knowing about, but I'm not about to believe that malware writers are downloading 1.8 million free apps to hit a password jackpot in 1% of cases.
Wonderful.
Wordpress not only helps you make and maintain a website easily, it's also the main vehicle for helping miscreants cheat people out of their money.
All that because too many people want a website but have no clue what the risks are, so they don't patch a thing. Wordpress, of course, sits on its hands about this. Too much trouble to go about checking site security on their own servers. I'm sure they could devise a tool to automatically check a site for vulns and then alert the site admin, but no. Costs money and makes trouble. Better to just blame site admins for not patching.
And now they have devised a way to harden it against quantum computing and are even testing it ?
Wow.
For having dabbled my toes in the waters of encryption, I couldn't for the life of me even begin to envision a way of not only creating a robust cipher scheme, but one that can resist being analyzed by a quantum process.
There are some seriously intelligent people on this planet. I hope they succeed as well. That'll put a dent in all the "backdoored encryption" nonsense.
Fuck that and the horse it road in on.
ICANN needs no "special exception". It has already had 2 years to pull its finger out and get to the task, but ICANN believes the entire world revolves around it, and has consistently decided everything in its own time and manner, procedures and laws be damned.
I am looking forward to ICANN being refused and brutally put in its place for once, and apparently there is a good chance of that since it has been warned in no uncertain terms that it had better get to work.
That may be valid for Apple employees who have stock and leak, but I doubt that all Apple employees have stock and I am almost certain that not all leakers have stock, so your point does not apply to all cases.
Apple employees who leak and have no stock can be fired, but that is the extent of the actions Apple is legally entitled to.
Of course, there is the hint that Apple employs people to specifically destroy a leaker's career, probably by phoning up all tech companies and loudly stating the horrible, treacherous person the ex-employee is, maybe even by polishing the story a bit (but not too much, because defamation lawsuit). Apple really has a Stasi mentality.
Despicable.
No use guys. You can only manipulate opinion when people do not know they're being manipulated.
We know all about you now. You are liars, underhanded manipulators and you take your cues from the 1960 CIA Handbook - How To Topple Governments.
Nothing you say can be taken at face value because you are a-ok with sending prostitutes to compromise honest people and record everything for blackmail purposes if required. You are the blackest of scum, intentionally sucking the dregs of human behavior in exchange for money.
Go on trying to find the words that you think will get you back into the good graces of the Internet. There is the most damning video on you and your practices to counter anything you can come up with.
Well now, that sounds like a gold-plated argument to me. I'm off to create an information society service that just happens to deal in drugs and guns.
No way that can go wrong, right ?
Oh, and somebody call Backpage - their defense lawyers need to know that one.
Thank you for the explanation, but I still don't "get it".
You talk about an encrypted session, and that I totally understand, but even in an encrypted session, the IP address is not encrypted, right ? On top of that, the actual server name is in cleartext, so what is the point of encrypting the DNS request ?
Additionally, you say yourself that "Being able to monitor individual DNS lookups is not the weakness here", but the issue in the article is about encrypting DNS lookups.
I like my privacy as much as the next guy (certainly more than FaceBook users), but unless I have my own DNS server, I have to accept that where I'm going is pretty much an unavoidably clear bit of information that any governmental agency can get a hold of.
With encrypted sessions, what I do there is my business, but just like going to the cinema, the fact that I went there is pretty much public knowledge these days. What film I saw, on the other hand, is a lot more difficult to find out if I pay for my ticket in actual, cocaine-covered cash.
Been hearing about DNS stuff since a while already, and I don't get why DNS should be encrypted. After all, this "security" measure sounds nice (not a network expert), but once I have the IP to use, I use it, and that can't be encrypted, now can it ?
So it's all nice and well to encrypt my DNS request, but it does bugger all when my browser then uses the encrypted response in a non-encrypted way to get me to the page I expect to go to.
In other words, if someone is watching my line and can intercept the DNS requests, then they can intercept the result as well. If they are just watching the DNS server and have no link to me, it must be as exciting as watching paint dry. Oh look, somebody else has asked for the IP of cupcakesgalore.org !
"exempt any actions taken along these lines from legally mandated disclosure requirements"
What for ?
We are presented with the message that drones are potentially used to communicate with prisoners, and do various nefarious things that a proper mother would shudder to think of, and are told that there needs to be power to shoot them down.
Well fine, I can get behind that, but then why keep the shooting part secret if it is for the Defense Of The People ? What is soooo strategic and National Security about shooting down a drone that is attempting to go over a prison wall ?
In a proper democracy, there has to be checks and balances. I understand that the check part is a nuisance to law enforcement, but if there is to be a democracy, and if democracy is what is supposed to be defended, then the checks should be welcome, not brushed aside or crushed under an iron veil of secrecy.
Democracy cannot function in secret. Dictatorships do that.
I won't be surprised to learn that said safety controls will be entirely cloud-based, under MS control and with the regular, can-change-at-MS's-whim EULA.
I will be surprised if I learn that the rollout is suspended until said safety controls are in place.
The globalisation that is the Internet has nothing to do with the globalisation that is Apple. You're using that same word in two entirely different concepts.
Apple is global in the sense that it is selling all over the world.
The Internet is global in the sense that a message can be read by anyone anywhere in the world (except totalitarian countries that don't like the Internet, but that is another issue).
So it makes perfect sense that an anti-corporate-globalisation group, who is against a megacorp selling its wares on the entire planet, use a global communication platform to help its message get across.
And, if I were to be finicky, I'd point out that it is not the group that is posting this article on the Internet.
Not only is IBM not interested in your business, it appears that quite often IBM is not even capable of taking care of the business. This is just one more in a long line of companies that are sueing IBM for failure to deliver.
Now, it must be said that there are certainly some cases where IBM is the scapegoat to mismanagement of the projet, but there are too many cases for that to always be the reason.
On top of that, IBM has a tendency to shed its most knowledgeable employees, and that can't help.
No, it's not. Firstly, because people are just too damn lazy to actually go through all the hassle of changing bank, notifying all the required entities of the change and redoing all their accounts elsewhere. They prefer to just grin and bear it.
And secondly, the banks are all the same, so why bother ?
To imagine creating shares in view of an impending deal is already clearly a case of insider trading, but to do so using a share type that cannot be sold and not even registering them is literally telling the judge that you wanted to cheat the system. Never mind the fact that all this was created by a guy who was having his own biz bought out in the deal.
When you point every single clue to yourself, you can't be surprised if you're the one collared.
Gotta agree on that. Sex trafficking is an abomination, a blight on Humanity as a whole. Targetting those who facilitate such a thing is good.
What makes me uneasy is the very cavalier way US law is used these days. We read this past week about how a new US law is being used retroactively on Microsoft to get holf of offshore data, now we see that an unsigned law has triggered an action that had no reason to wait for it.
This is not the proper attitude to the law and, given that corporations are defining US law these days, I will not be surprised the day a megacorp gets fingered for something illegal, but a new law is passed and all of sudden everything is all right.
And suckers line up to try and cash in from this fabricated e-bonanza.
Oh well, in a hundred or so years there will have been enough hard education for people to understand that managing a currency is not for PFYs. No matter how well they can code, they lack the experience of managing something complex in the nastiest, most insecure world there is : the Internet.
The only intentions FaceBook has is to rake in the moolah and shovel it to the shareholders.
Don't talk to me about a "mission to connect people". Connecting people is just the means to the end.
That's why FaceBook will never have a proper Privacy Policy - it literally can't afford it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
