Posts by Pascal Monett 18221 publicly visible posts • joined 10 Apr 2007
And scores of grammar nazis have just keeled over from massive heart attacks. This from a developer for whom English is likely the native language. Oh well, it's a living language (meaning that it is defined by all the morons who don't know how to speak it).
By default I stay away from all privacy-mining social platforms, so I gave Google+ a miss as soon as I heard about it. I never missed it.
With all the news about AV products revealing the stupendous stupidity that is lurking in their code, it would seem that Microsoft's Windows Firewall is actually not a bad product - provided you don't poke it full of holes with some so-called "security suite".
So Comodo joins the Symantec club of AV products I will never use. Another tear is shed on what Comodo used to be before it bloated itself beyond all usefulness. And life goes on.
Maybe none. Probably none, even, if the amount of people handing over their privacy to Facebook is any indication.
But seriously, this hack can only take place if the camera is connected to the network. That means all CCTV purchases are not at risk from the Internet. Of course, they are perfectly at risk from physical tampering, but if your threat is already that close, it's not the camera that will deter him.
As for me, I'm done even thinking about buying security cameras until an official rating has been created, implemented and can be verified stating that the hardware is secure and as tamper-proof as possible without any backdoors or root access or hardware-coded passwords.
I'm not holding my breath.
Maybe if you spent less time reading, you'd spend more time making sure your product works ?
Okay, cheap shot, I agree. Hardware is finicky enough, add software and you can really find yourself in quite a bind, I'll easily admit that. But trying to do the "we're listening" act when you work at Microsoft, well, let's just say that it's going to be a while before that approach is taken seriously.
And really, guys, was it so hard to put one of your new Surfaces in sleep mode and test before shipping ? Or have you actually been in frantic mode on this issue since before release ?
I can only applaud the Rockot program when it takes decommissioned ICBMs - the Armageddon's lance - and uses them to further Science and human understanding.
I do wonder what fuel they use though. I am under the notion that Soviet rockets used pretty nasty stuff. I wonder if that has changed.
You say that as a Linux expert. In your case, I obviously agree.
Most people are not proficient with Linux. For those who still need NAS functionality, a dedicated vendor box is not all that expensive and has all the functionality required in a simple setup screen - no Linux knowledge needed.
Given that 99.9% of the population does not have the skills to tackle Linux on their own, NAS boxes are a good alternative.
Better than setting up yet another bug-ridden Windows box anyways.
I have a Synology 4-bay NAS where I put 4 3TB disks (three WDs and 1 Seagate). Why 4 ? Because I wanted to use RAID-5.
I have ripped all my DVDs to it, so that my TV can access it for film viewing without hassle. I do not consider that replacing that with my Internet connection as an improvement. First, I'd be using up my bandwidth for something I already have locally. Second, I'd be limited to 10Mbps instead of 100Mbps on my LAN. Third, TCP is a lousy streaming support under 30Mbps. And I hate screen tearing when I watch a film.
Finally, I can watch a film whether or not I have Internet connectivity. I'll be damned if I have to depend on Internet to do stuff with MY data.
If he's not actually logging anything useful, then why refuse to hand over the keys ?
If you witness a crime and have firsthand information on it, then refuse to tell the police when asked, you are bloody well complicit.
He has information that can help the police in bomb threats. I'm all for anonymity, but when lives are threatened fuck anonymity. I want the bastards caught and removed from civilization.
He hands over the keys to prove his innocence. When the kerfluffle is over, he changes keys.
You operate a site promising to look the other way, you takes your chances. He took them and it blew up in his face. Now he must face the consequences.
The entire banking industry has been surfing on security principles that date from last millennium.
Looks like a few hundred million are going to have to be removed from bonuses and go to actually securing hardware and transactions a lot more than they are now.
Maybe even ATMs will finally be upgraded from Windows XP Embedded to something secure, like a version of Linux.
In any case, I'm shedding no tears for them. This is a much-needed learning experience, and ATM security has been neglected for far too long.
I understand the criminal approach of maximizing revenue : squeeze the victims that are most likely to pay without fuss.
I also think that paying them is a major mistake. Blackmailers will always come back to a victim who paid before. Unfortunately, that is not really an option for commercial sites, since they lack the means to change domain name or IP in a reasonable amount of time.
The only thing left is tracing the money, and that means paying, then waiting a long time before getting any hope of results.
What I don't understand is the betting sites. Betting has always been rather close to the criminal side of affairs - it seems to me that criminals are often behind those activities in the first place. So how is it that betting sites are targeted ? Shouldn't they be able to phone somebody and "get the message across" ?
So that's 47 companies whose business model is :
- use poor schlubs to do someone else's job and skim your profits off of their work while claiming that they are not employed by you
- remain based outside of the country and claim that your revenue is not taxable because "Internet"
- avoid any and all liability by claiming that you have nothing to do with any issue that can arise since you are just a "facilitator"
In other words, 47 sleazebags who take the money and refuse all responsibility. They actually make Ebay look good again.
If security really had been a consideration then Moscow would never have started using Windows in the first place. In the days of the KGB, when it said nyet to something you didn't touch it unless you wanted to find out what the inside of Kremlin cell looked like up close.
Seems that Moscow is not so concerned about security that using Microsoft products becomes an issue. I do acknowledge that all this cloud malarkey and constant online transaction has become a security issue and that is why Moscow is now drawing the line. The bit about cheating and loss of trust is just a jab for old time's sake.
If that is the case, then Microsoft can promise all the discounts it wants, Moscow will move to Linux and nothing will stop that.
No there does not.
Not when there is a Constitution that guarantees individual privacy and freedom from unwarranted search, and bulk surveillance is - by definition - unwarranted search.
I find it curious to the extreme that nobody challenges the whole house of cards on those grounds - but then I remember that the media is controlled by those who are in charge, and they don't like questions like that.
Chant until you believe again that nothing bad can happen anymore since you're on the cloud.
Shit happens, and when it does, Cloud means there's jack all you can do about it.
I can buy that it is a freak chain of circumstances. I can even imagine that there is no single one person that is responsible - neither the contractor, or local employees, maybe even the procedure was fine and Murphy's Law was just strolling through that day.
What I cannot buy is this insane, lemming-like attitude of "let's put all we got into The Cloud because everything will be all right and don't look at the invoice, ever."
No, something will go wrong and, as anyone with Internet access can find out, there is not one single Cloud provider that has not had problems staying online for whatever reason. So yeah, if you're going to put the one thing that makes your money - your website - on the Cloud, it's up to YOU to imagine where you might be if that cloud disappears for a while.
Instead of just drinking the cool-aid and looking at your shiny, 99.99% Uptime guarantee.
It's The Cloud. THERE IS NO GUARANTEE.
Bitcoin's blockchain management is failing to support the high level of transactions that the fairy money scheme has generated, and that will tend to make makers of connected abominations not look at the blockchain functionality when shoving their insecure crap on ever connection that accepts the stuff.
I don't have any Bitcoins or any other fairy money, and IoT will stop at the moat around my house, so how exactly am I concerned about all this ?
Oh, right, all the other blithering idiots who buy into this unicorn scheme will be flooding my Internet with their useless, insecure drivel in quantities that will dwarf the useless, inane drivel from Twitter and Facebook. Yeah, that'll probably bug me a bit.
Until I finally get a working flamethrower, that is.
The only thing that the US has demonstrated is that it will stop at nothing to get the data it thinks it needs.
This stuff is just PR for the media.
The NSA couldn't care less - we have been repeatedly told that what it is doing is legal.
Well that's it then, we know for sure that all this IoT mania is just pie-in-the-sky thinking that is two hair widths from being as bad as a pyramid scheme.
Go on dreaming about unicorns in fairy land, guys, I'm sure you're having loads of fun with all that LSD.
Meanwhile, here in the dark, dank underground of the Real World, you try shovelling that crap at me and you'll get a kick in the head.
I can't believe how stupid we still are.
Code is code. It doesn't matter whose fingers typed it, or whether or not they were perfumed. What matters is that it works.
People (okay, MEN) who are capable of refusing working code on gender basis have no business heading a project and should go back to shovelling dirt and whistling to the sight of a well-shaped behind in a fitting dress because that's their level of intelligence.
You mean, like fighting against those pig-headed nitwits who never change their opinion even when they have been publicly demonstrated to be wrong ?
Well if it takes one to know one, she's certainly on track to succeed in finding them.
I read about that technique in a Tom Clancy novel some years ago. At the time, I thought it was a pretty smart thing to do.
Except that here, if you can spot that sort of thing in less than 25 seconds per document, you are giving away the plot. And if there are that many typos, then it seems obvious that, to leak the document properly, all you have to do is correct them and they'll never find out who leaked it.
Stupid, stupid, stupid. This whole thing positively reeks of vested interests, backroom deals and brown envelopes. And this is something that a democracy is supposed to accept ?
Humbug.
Well, as far as bells and whistles are concerned, yes, VR looks a lot better than it used to. It's still not "reality" though, and anyone who thinks that they'll play a Gears Of War in VR is in for a bit of disappointment.
As far as needing a bucket after a short while is concerned, we haven't gotten much further though, as said gamer will likely discover rather quickly.
This is a case of "I'll believe it when I see the body".
The cancerous, leeching parasite has dragged itself back from the brink way too many times for me to trust this at face value.
If the Lizard Men are controlling the White House, they're doing it from SCO HQ.
Maybe, maybe not. This is the Universe we're talking about, and this news proves that we are far from knowing all about it.
And just think, if the Milky Way was hiding a few hundred galaxies, maybe those could be hiding a few thousand more.
In any case, thank God for scientists painstakingly going over endless reams of data again and again in order to extract the very last ounce of data.
Well done, boffins and boffinettes. I salute you.
The very first phrase in the Bitcoin wiki on this subject is : "A brainwallet refers to the concept of storing Bitcoins in one's own mind by memorization of a passphrase. As long as the passphrase is not recorded anywhere, the Bitcoins can be thought of as existing nowhere except in the mind of the holder. If a brainwallet is forgotten or the person dies or is permanently incapacitated, the Bitcoins are lost forever. ".
My first reaction to that was Hoy Cow, how more useless can you get ?
If someone steals my Visa, I can have it blocked. If I lose my account password, I can go to the bank, prove I'm myself and get another one. If I lose my Internet access, I can go to the bank. With real money, there is always a fallback option.
This ? A knock on the head and your "money" is gone forever.
And you can't even light a cigar with it. Pff.
I think that any ad with a size over 80Kb should be banned. The html in the pages I read rarely goes over 20Kb, having 4 times that for ads should be largely enough.
I would welcome a browser extension that only downloads 80kb of ads and not a byte more. If all the ads in the page can't fit in, too bad.
That would kill almost all flash thingies in one stroke.
Now THAT is the right kind of approach. No molly-cuddling, no pretty please, no endless collection of second chances.
Where security is concerned, I totally subscribe to that. Enough with the kindergarden view of connecting things to the Internet.
I hope the words will be followed by actions.
It is only just that they get some misery out of all the shite they think they have the right to fling at us.
I have a solution for this situation, which I have already outlined in the columns of this memorable site. It is called separation of powers. At the moment, ad creators have complete control over the ad. They build it the way they want it, and shovel the end result to the channel for distribution. Thus, they have the power to make it as annoying/vicious/fullofmalware as they want.
I propose that ad agencies put a stop to this by creating an ad submission environment in which ad creators will only be able to submit images (eventually a video), and set up a script containing only commands from a given set of options. The ad agency would then check the script for any fraudulent commands, build the ad and serve it.
In that fashion, ads served by a given agency would always be built by that agency and the reputation of that agency would be made following what behavior it allowed in ads it served. Thus, agencies would (hopefully) compete by being graded by customers, while the public would bask in a world where ad blockers would only be used to block ads from agencies you wouldn't like.
In my view, everybody wins. Except for the scam artists, of course, but I'm not shedding a tear for them.
The Tunguska event was quite a big blast, but it did not kill many because it happened above a (very) sparsely-populated area - which is probably why it took a decade to get the first recorded expedition to find out what happened.
Interesting idea, and strategically valid, I do believe, at the condition that the owner is the only entity that can give it the marching orders. But that is an issue for the spymasters to resolve.
The real issue is that orbits degrade. If you want a loitering anything, you need to include the necessary fuel and exhaust ports, plus comms and telemetry to know how high it is, how fast the orbit is degrading and when and how long the burn needs to take to recover an optimal amount of time before the next burn.
Given that there is currently no satellite in existence that can maintain orbital altitude on its own (even the expensive telecommunications satellites that are very valued by their owners and would certainly benefit from such technology), I'd venture that, if Western economies with their ready access to best-level physicists and boatloads of money do not include such tech, I highly doubt that the Norks have the brainpower, not to mention the resources, to do it on their lonesome.
But hey, ingenuity knows no bounds, so I'm willing to be surprised.
Um, no. I'm not a physician, but I'm certain that no fusion reactor Man can make will turn Earth into a star. We might be able to return it to the molten slag state it started in, but we have nowhere near the mass, nor the hydrogen required to make Earth sustain fusion reactions in its core.
Personally, I admit that there will be mistakes - to think otherwise wold be foolish, given Man's history. I also think that a broken fusion reactor will simply make one spot rather hot for a bit, and that should be it.
Maybe we should always build them underground ?
No, Netflix created their software and built in redundancy because upper management had made the decision to put the money in it, probably because they decided, after analysis, that it would cost them more in the long run if they had a service that fell over every other week.
Best practice is hardly the reason for doing things when the accountants hold the purse strings.
Enterprise-grade, except memory management and automatic failover are conspicuously absent.
So it's more like piling sub-par software on a platform that can fail for several continents after a wrong DNS command.
So it's totally Microsoft-grade quality, then.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
