Posts by Pascal Monett 18926 publicly visible posts • joined 10 Apr 2007
The tweet is reproduced in full in a pic in the article. What is the use of repeating its contents word for word ?
A bit of journalistic interpretation could have been used, instead of making me read the same thing twice and thinking I was already at pub time before 10 A.M.
This situation sucks. Now, when buying a car, one is going to have to go through a number of checks to ensure that the car cannot be easily broken into via passersby smartphone, in addition to all the other stuff to evaluate.
And the problem is not that Mitsubishi did not think of implementing security - they established a procedure and implemented it - probably after testing it. The problem is, nobody made a quality check - or even a sanity check - with either security engineers or a simple street thug (the latter may be a bit difficult to locate for a car maker, I agree). So what they designed is trivial to crack and nobody is safe.
I do not want to have to become an engineer to have a secure car. In any case, Mitsubishi is off my buy list until they get this sorted out.
A company having complete control over its presence decides to surrender the hard part thinking things will go better.
Regardless of whether or not Tivo is doing well or why, what makes them think that handing over the hardware to a 3rd party is going to make things better ?
Yes, they will get rid of hardware issues. They could also get rid of that by making a better product, but that is clearly pie-in-the-sky thinking these days.
What they will actually be doing is handing over the platform to someone who will have a vested interest in expanding the platform to other players to increase the footprint. Meaning they will abandon their power to dictate what the platform does and does not. They will be forced to deal with platform changes that, in the long term, may not favor them.
But hey, long term is someone else's bonus, right ?
That image today would have to have a Linux patch over one eye.
Microsoft is not Borging anything any more. The PC market is in decline and MS is royally pissing consumers off with its ultra-aggressive GWX tactics and shoddier-than-usual WU snafus, and concerning the phone market - well let's just say that MS is history in that arena.
Cisco, on the other hand, despite having a tattered reputation, is still there and going strong. So maybe it's time the title be passed on.
Nothing makes the NSA's work easier than people not believing that it is possible in the first place.
There's a lot I don't know about electronics, and I know nothing about how to sniff out CPU operations, but that doesn't mean I'm blind to the possibility.
On the other hand, it would seem that this paper refers to a phone being left a foot away from my PC for an hour. I don't think that a top-level anybody is going to have an hour-long meeting with anybody else with them nonchalantly placing their mobile next to the laptop.
Once again, a miracle in surveillance tech that is impractical in real life. Keep foreign mobiles away from your PC and you'll be fine. Because if the NSA is interested in you, you're screwed anyway.
Those two points seem to be the bread and butter of the blackhat community.
If users (banking or otherwise) were always alert and professional, blackhats would have a hell of a harder time getting their objectives fulfilled and social engineering would be a theoretical concept.
Security is hard because IT is immensely complex. Add humans to the mix and breaches are practically inevitable in the long run. SWIFT needs to make the run longer than it is at the moment. Nothing like the one-percenters losing a fraction of a percent of their money to get some motivation into doing that.
The issue is that the software was badly specced by interested parties, outsourced to cowboy developers through relations and written one-handed in a weekend without any quality control or oversight.
For me to trust any "election" software, I want the entire project to be managed like open-source. I want the specifications to be public, I want the code to be public, and I want millions of eyes on it to ensure that there is no error in processing, security or confidentiality.
Unless I can personally see what has been approved to count my vote, you might as well have it developed in a dungeon by a group of trolls, that is how I will trust it.
That Win 1 0 is getting a (small) boost in market share is understandable, the deadline for "not free" is fast approaching.
Microsoft needs all the market share it can get now because it'll be the last jump forward it will get on this. After June, it will be incremental steps only. Companies cannot switch easily or quickly, and private people who want 1 0 will have already got it. Any "new" installations will be of the buying-a-new-PC type, or when a company finally gets around to cycling its PC pool again.
I'm probably wrong and I certainly don't know what I'm talking about, but if the carrier cannot identify the phone, then how does it know to route your calls to it ?
I applaud anything that will stick it to Scott McNealy, and Google deserves anything that will bring its arrogance down a notch, but mobile tech is what it is and if you're using it, your phone does have to be identifiable to the carrier. I don't see why the carrier should distribute that information without a warrant, but the carrier has to know where your phone is.
Take a small enough part of anything and I'm sure your argument stands.
I don't see why copyright should be restricted to an entire song - it's the individual notes that make up the song. Nobody has copyright on individual notes, but that does not mean that taking out four or five and sequencing that is a Good Thing (TM).
Why ?
I get that the vuln came from a supplier package - but who's to say that said package wasn't developed using DevOps ?
DevOps is just the new name for brainstorming something and implementing it before analyzing all the possible consequences. Sounds like a DevOps package to me.
On-board GPU is good enough to display 2D Windows for work or browser-related purposes, no doubt there.
I don't care what Intel tries to push, if I want to game or do heavy video computing, a discreet board from a specialized company is where I will seek the solution.
It's a pretty nice drop, though.
Yes, it's only 1/16th of the budget. Yes, more should probably be done. But this is yet another case where statistics are used to fudge reality.
One billion of anything is quite a number. One billion of government funds spent on "local" companies is not a bad result. It will take some time to change mentalities, meaning that the old fogies and their buddy group need to retire to make place for the young fogies with their buddy group, then we'll be able to measure results.
Of course, by then, requirements will have changed and everyone will be clamoring about how the government is wasting money on small suppliers when economies of scale can be had with larger ones.
And the wheel turns.
Because then you might get beat to the post by someone who didn't consider Do Or Die and just chucked it out to patch it later. That way he gets the problems and the patch issues, but he also gets the money and the market share.
Meanwhile, your company folds.
That is the wonderful world of Capitalism which Americans are so prompt to defend to the teeth. Unless they're the ones standing to lose, in which case they cry out for arbitration (in their favor, of course).
There are people who want to do right the first time. Generally they go into Open Source, I guess, meaning they have to live off something else until the project is done.
Right, so realistically that means 2.4Mb/s for 250 connections, and 0.24Mb/s for 2500 connections.
Because really, 250 connections ? Over 37km ? Did they calibrate that for the desert ?
A 37km radius is going to cover tens of thousands of connections. They'll need more than one of those for all that.
But never mind - the important bit is that connectivity is on an inexorable march forward. If only privacy could be on such a path.
Bringing back the total lack of procedures and oversight that the industry has spent decades trying to put in place.
It is marvelous to think that the most disruptive technology to ever hit a production server is the lazy developer who couldn't be arsed to follow procedures because reasons.
Because you cannot make me believe that all those containers have been created by small mom & pop shops who don't know better, hmm ? I don't think so. They've probably been created by companies who have an established protocol for managing servers, but who call in some DevOps evangelist who blinds them with "expertise", dizzys them with buzzwords and proceeds to screw them over with shoddy installs, no documentation and a fat bill.
"Last year HMRC was awarded £1.3bn to "build one of the most digitally advanced tax administrations in the world", which the department reckons will yield £1bn in extra tax revenue after 2020."
No, no, not at all. The HMRC was given a first installment of £1.3bn to waste on a project that will endure until 2020, burn billions more every year and amount to nothing much before it is scrapped and swept under the rug.
FTFY
And the police can get the phone company to cough up the forwarding number and track down the miscreant.
This is not an email/bitcoin scam thing that can be anonymized via Tor, this is a scam that relies on phone companies not snitching them to the law.
And apparently it works, so why not ? Capitalism at its best.
How typical. The company is going bust, the accounts are in the red, but never mind - the desk where the buck stops will see a bright day anyway.
Sorry, but from where I stand, you only get the rewards if the company is doing well.
And when the ship sinks, the CEO should be the first to feel the pinch. No bonus package for a botched sale.
But I'm daydreaming again. Nurse ! My medication ! In a glass of Glenlivet, as usual, my blood pressure is rising again.
My interior conspiracy theorist says duh, of course they would. If this study is in any way funded by Monsanto, its results are to be viewed with utmost precaution.
Chikita bananas are dying due to mold and the fact that we've grown Chikita exclusively. The entire banana production industry is set to expire in the coming years because of our lack of precautions.
That fact alone is sufficient to put in question our ability to judge whether or not we are capable of properly evaluating the impact of our decisions when it comes to determining the consequences.
I am quite sure we need to enhance our food production capabilities if we wish to avoid slaughtering half the world population to feed the other half with the remains. I am not so sure Monsanto is the right entity to trust with that job.
Only when every other possibility of subversion, replacement, obfuscation and obliteration has been totally exhausted, died in the desert and was dragged 10 miles to the nearest water hole to find out that no, it still won't move any more.
Then, with extreme reluctance and a twitch of disgust, Microsoft will integrate it into its world, gagging all the way. Until it starts making money out of it, that is.
I'm looking forward to seeing a website that will allow you to download an ISO image of the bundled patches for Win7 that have been carefully vetted for weeding out telemetry and GWX nonsense.
That way, us 7 diehards could download the image for when we need to wipe our machines and reinstall. We could then install Win7 without the network connection, apply the ISO patches and then connect the machine (more or less) securely.
I would do it myself if I knew how.
Seems like the banks are going to have to man up and lay down some money to get a proper, secure solution in place.
Then again, if the crooks can get access to the internal network, it's game over anyway.
Still, it seems high time that banks up their security along with the rest of us.
I keep reading about how things go TITSUP, but it's never really important and nobody is ever really impacted.
I'm sure all the companies that have lost tens of thousands in sales agree completely and are ready to do it all over again.
What Benioff is really saying, of course, is that this failure will have minimal impact on his bottom line, since all the companies using his "service" are absolutely unable to pull roots and go somewhere else. So the devil sign was very appropriate.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
