* Posts by Pascal Monett

18877 publicly visible posts • joined 10 Apr 2007

Google Project Zero reverse-engineers Windows path hacks for better security

Pascal Monett Silver badge
WTF?

: in a path name ?

Really guys ? How drunk were you when you included that in the kernel ?

And it still needs to be allowed today ? In the name of all that is holy, WHY ?

The sooner Windows is consigned to the dustbin of History, the better off we'll all be.

Obama administration softens stance on Wassenaar

Pascal Monett Silver badge

Not at all, my good sir. Software makes at best a few billion here and there. Gun exports are in the tens of billions yearly, and the market is always booming.

ICO fined cold-call firm £350k – so directors put it into liquidation

Pascal Monett Silver badge

"lay down a marker"

A much more efficient marker would be a gravestone, that of the CEO who piloted this scam operation.

I think that would send a very different "signal" to other companies, one that they would heed with great attention.

Tor takes aim against malicious nodes on the network

Pascal Monett Silver badge

All you need to confuse advertisers is Firefox with NoScript and an ad blocker. TOR is not indispensable for that.

SCO vs. IBM looks like it's over for good

Pascal Monett Silver badge
Pint

I'll drink to that

But somebody put a watch on the grave.

If anything moves, nuke it.

Wikimedia’s executive director quits after less than 2 years in post

Pascal Monett Silver badge
Trollface

Because prisoners are obviously the people whose knowledge will most benefit Humanity.

Yup, sounds good. No need for all those boring PhDs and other assorted scientific experts. Nope. What we need is Weedkipedia.

On second thought . . .

90% of SSL VPNs are ‘hopelessly insecure’, say researchers

Pascal Monett Silver badge

Well, yes

If you consider that they just forgot to prefix that sentence with In theory,

Orange is good to go on VoLTE, Wi-Fi calling in Europe

Pascal Monett Silver badge

"dropped call figures [..] were similar to what the operator gets on 2G or 3G"

I'm pretty sure that his definition of a dropped call is not mine.

As far as I'm concerned, if I get a call and cannot hear the caller, I drop the call and wait for the caller to call back. Most often, I can hear the caller next time. If I call and my respondent cannot hear me, I drop the call and start over. Again, the second time I can generally be heard and hear and the call proceeds normally.

In both cases, I consider that it is a dropped call, because the call did not complete satisfactorily. This is undoubtedly a situation that operators do not consider a dropped call, but it is a situation in which the call is not complete because one person cannot hear the other.

Congratulations to 3rd millennium tech for having brought top-of-the-line technology that is less reliable than the POTS we had in that boring old 2nd millennium.

Oh, and just recently my sister called from her mobile to our landline. The echo was deafening, we could hear everything we said to her come back to us. It was so bad, she hung up and called back a quarter hour later when the train had arrived.

I do not recall a thing like that ever happening before Y2K. So kudos for having invented issues we never saw before.

Google wants new class of taller 'cloud disk' with more platters and I/O

Pascal Monett Silver badge

Wishing wells are nice things

Google would like the butter, the money for the butter and the fridge thrown in for free.

I am not a hard disk expert, far from, but from where I sit I don't think that what Google wants can be done. From a logical point of view, what Google wants is contradictory. Higher disks with multiple platter sizes, multiple RW heads and multiple I/O ports. That means more complexity, which means a shorter life span - if it can work in the first place.

I think the solution is simple : multiple slim disks in RAID configuration. That way you have a maximum amount of RW heads per I/O port. Oh wait, that's the present situation. Oops.

But I'm not knocking Google engineers - these guys are not idiots. Which means I wonder why they ask for these things. There's something more to this.

Tor users are actively discriminated against by website operators

Pascal Monett Silver badge

There are obviously some Tor champions out there who consider that 99% of Tor users are perfectly legit and restricting Tor IPs is a direct attack on Freedom and thus to be downvoted without fail and stomped on with great virtue.

Yes, Tor is used to protect anonymity. Yes, there are perfectly innocent people who use it legitimately. They are apparently 10% of Tor traffic. Those are not the people website owners are trying to protect themselves from.

If I can pin 90% of malicious traffic to one IP, I'm sorry but I'm blocking that IP.

Pascal Monett Silver badge

Indeed. If you come in on the same bus as the hooligans, you can't play surprise at being looked at with suspicion from the store owners.

European Patent Office heads rapidly toward full meltdown

Pascal Monett Silver badge

Re: "businesses are considered legal entities with rights supposedly comparable to humans"

In the US, not Europe.

Yet.

Oh TechNation. Britain's got tech talent. Just not like this

Pascal Monett Silver badge
Windows

"the average digital salary"

My Diablo III witch doctor just made 45 million gold this week thanks to a treasure goblin portal. I'm not sure what the conversion rate to pounds is, but I'm pretty sure that counts as a digital salary.

I made considerably less last month, as usual, but I'm pretty sure I do not earn a "digital" salary. I earn real money that pays the bills, even if I know that it is stored digitally.

Any report that makes such fanciful and sweeping vocabulary changes on a whim is not one I would trust to begin with since it has obviously been written by a bunch of tweens fresh out of high school with the impression that their blathering is professional and has world-impacting importance.

Hint : it doesn't. Get back to work and do things properly next time.

Ker-ching! IBM paid 10 times Cleversafe’s funding for the startup

Pascal Monett Silver badge

Silly money

Dropping a billion dollars for something not worth one-tenth the list price, wow, there's some right fine financial management right there. I can see now why I am not management material. I'm sure that, if someone gave me a billion to splurge, I could do a lot better.

There's something to say about having too much money. Oh well, at least it'll be reinjected into the economy (via massive parties and large bowls of white powder that are totally legit, officer, promise).

Bleeping Computer sued by Enigma Software over moderator's forum post

Pascal Monett Silver badge
Trollface

Of course they had "no intent", a bully doesn't want everyone and the news to know he's bullying, that would paint him in a bad light.

ESG just wanted to do some good ol' back alley intimidation and skim a lil' profit from it.

It's just business, right ?

This program can detect if you're bored – which is going to make annoying ads, articles so much more annoying

Pascal Monett Silver badge
Trollface

I'm sure they're trying something in Gitmo right now.

Pascal Monett Silver badge
Big Brother

No, it means that your boss will soon install software that checks how engaged you are with your work software and, when an insufficient level has been detected, will send a mail to HR, activate the electrical plate at your seat and blare out "GET BACK TO WORK !" through the loudspeakers.

Who hit you, HP Inc? 'Windows 10! It's all Windows 10's fault'

Pascal Monett Silver badge
FAIL

"we have not yet seen the anticipated Win10 stimulation of demand"

Um, anticipated by whom, exactly ?

Oh, right, by those who looked at every previous Windows version sales impact and blindly took the same numbers, forgetting all the while that :

1) Windows 10 is the first Microsoft OS to be offered as a free download (for the moment, at least)

2) The OEM image for new PCs was months late, due to MS faffing about with the code right up to the last minute

3) PC hardware no longer has anywhere near the jumps in year-on-year performance that we enjoyed pre-Y2K, meaning that a 3-year-old PC could still conceivably be used to run the new OS without much trouble

In other words, the only people "anticipating" a surge in PC sales were those who had their blinkers on and took PC sales and new Windows version as an article of faith.

The rest of the world checked GWX and either tested their PC or threw the whole damn thing out with the bathwater. No new PC involved.

Once again, a major organization demonstrates just how unconnected it is with the Real World.

Data centre inventory tools have come around again? Yup, they have

Pascal Monett Silver badge

I'm guessing statistics are in its favour as well.

Because one thing is sure: Humanity has a hell of a time learning from its mistakes, or from the past in general.

Linux lads lambast sorry state of Skype service

Pascal Monett Silver badge

Re: It just makes us think you might drop our Linux support on Azure when it suits you

Microsoft cannot drop Linux support on Azure because without Linux Azure is dead in its tracks.

Linux is what Microsoft uses for its networking - packet switching and stuff if I'm not mistaken - because only Linux has the grunt and reliability that such an activity requires.

Presumably, Microsoft first tried with Win2K servers and the whole thing never took off.

Pascal Monett Silver badge

Not to mention the irony of someone dissing Facebook while being signed up to the most privacy-invading company of the Internet which has its scripts all over the Web and follows you everywhere you go, tracking you all the time and correlating everything.

You say you're an Ansible expert, wise guy? Come and prove it

Pascal Monett Silver badge
Trollface

Isn't DevOps just posting code updates until something works ?

Because everyone is already certified, in that case.

Child tracker outfit uKnowKids admits breach, kicks off row with security researcher

Pascal Monett Silver badge

Re: Maybe a little vigilantism is actually required

Maybe, but in that it would be preferable that the vigilant be a responsible adult, not a vindictive little brat.

Android users installed 2 BILLION data-stealing, backdooring apps

Pascal Monett Silver badge

@goldcd

Oh, okay, thanks for the heads-up. I thought the phone had to be rooted.

So it's more like taking a taxi to the worst part of the city, having the taxi driver say "you sure ?", confirming and then complaining about getting mugged.

How reassuring.

Pascal Monett Silver badge

Hang on

"users who download apps from rogue marketplaces - and bypass multiple security warnings in the process "

So, you have to go to a rogue marketplace, meaning you have to root your phone because otherwise you can't download from there, then you have to decide to ignore all the security warnings (pretty much a given at that point, I guess), and then you're surprised you got pwned ?

That's like deliberately walking at night in the shadiest part of the city and being all surprised when you get mugged.

Sheesh, I'm starting to think that mobile phones lower your IQ by a fair number of points.

Hijack wireless mice, keyboards, with $15 of kit and 15 lines of code

Pascal Monett Silver badge

Only tested 17 models - fair point, I missed that.

In any case, when not at my desk, my PC stays locked, so there's that.

Pascal Monett Silver badge

Only 15 models ?

And my Logitech mouse & keyboard is not in the list, as far as I can see.

Given the variety of mice available on the market, I see this as a rather good thing for security.

In any case, I highly doubt that mousejacking will allow the installation of software. If I leave my work computer, I lock the screen. At that point, no installation procedure can take place. If I'm in front of my screen and the mouse starts doing weird things, I now know I should unplug the mouse dongle.

In any case, thanks for the heads-up.

Spotify hits the G-Spot, leaps into Google's cloud

Pascal Monett Silver badge

What about redundancy and DR ?

I would have thought that such an organization would want to ensure 100% uptime whatever happened. Putting everything into one basket, even a basket internally redundant and failovered and whatnot such as Google (or AWS for that matter), is still only one basket.

Cloud has demonstrated that there is no vendor that can boast 100% uptime over time. Okay, some are worse than others (eh, Microsoft?), but cloud is not easy and no one is safe from unscheduled downtime.

So, is this a demonstration that one cannot easily switch from one cloud vendor to another, or is it just ignorance of proper DR protocol ?

Hackers use Microsoft security tool to pwn Microsoft security tool

Pascal Monett Silver badge
Headmaster

Used to be their/they're, now it's affect/effect

I understand the confusion from commentards, not from writers, and especially not from writers with editors supposed to check them.

Please do not encourage the confused ones in their confusion.

Reminder: How to get a grip on your files, data that Windows 10 phones home to Microsoft

Pascal Monett Silver badge
Thumb Down

"gaming achievements"

Yup, I understand perfectly that such information must be immediately sent to Redmond to improve Windows 10 stability and functionality. NOT.

My solution is to not install Windows 10.

Browser made by China's top search engine leaks almost everything

Pascal Monett Silver badge

Not really surprising

A Chinese company, based in China, is pre-empting government requirements. And we all know that the Chinese government cares not one whit about individual privacy, just like the US government but with less hypocrisy.

The real question is : will anyone outside of China use this browser ? Will the Chinese use this browser ? There are many alternatives, after all, but will a smidgen of nationalism get them to prefer a home-grown one ? Wouldn't be surprising.

FBI v Apple spat latest: Bill Gates is really upset that you all thought he was on the Feds' side

Pascal Monett Silver badge
FAIL

Well that's the end of that, then

I was willing to take the FBI's request at face value, but this means that the lying scumbag knew very well what he was asking.

Good on Apple's lawyers to have shed light on these shenanigans.

Bad on the government to have once again demonstrated that we simply cannot trust them.

How the country is going to solve the trust issue is beyond me, but a solution will have to be found. The country cannot continue like this and expect democracy to work.

Go hyperconverged. Or cloud. Or whatever. You won't save on hardware

Pascal Monett Silver badge

So you don't save money

I think we all knew that, but it's nice to have an official confirmation. Someone needs to kick this info upstairs, because there's a lot of upper management types who are going to be quite disappointed for their bonuses.

Bill Gates denies iPhone crack demand would set precedent

Pascal Monett Silver badge

Indeed, and they also want the disabling to be limited to that phone, they don't want the code, and they agree to Apple being in control of the whole operation.

Really, it seems to me that the FBI is being extremely reasonable in their demands, compared to what they could have asked for.

Of course, we have to agree that, if Apple can create the limitation-erasing product for one phone, Apple can generalize the code. That is most likely the bugbear that everyone is harping on right now. And, given the NSA's attitude of "what we're doing is legal", it is not surprising that people are looking at their copy of the Constitution and seeing a whole portion of the text being erased and that is not making them feel better.

So, all in all, the FBI's request may be eminently reasonable, but it comes after a literal goatse from the government over individual liberties, so I guess the backlash is deserved on top of being understandable.

Pascal Monett Silver badge

Re: keylogger

Well, PCWorld says it does, and WinBeta says it doesn't. Geek says yeah, but.

How much you trust any of them is up to you to determine.

Hackers aren't so interested in your credit card data these days. That's bad news

Pascal Monett Silver badge

Re: "Pod People"

As far as hackers are concerned, I'm pretty sure they already consider most of us to be beneath even Pod people. For them we are just numbers on a screen, numbers they can take and use as they please.

The odds of catching them are vanishingly small, their odds of profit are vastly superior to robbing a bank or attacking an armoured transport, and, if caught, the sentences they face are laughably short.

The only good news I take away is that, after a long period of suffering, we might end up with better international cooperation to take down the scum that steal identities, better protections in place to prevent ID theft in the first place, and a global economy that is more stable and robust thanks to global encryption.

Sorry, NSA & Co., but your worldview is going to be proven wrong by the very tool you abuse for your surveillance abilities. That little irony is the only solace we can get at the moment.

Add 'Bimodal IT' to your buzzword bingo card: Faster... more stable... faster. But stable

Pascal Monett Silver badge

"it is possible to collapse different infrastructure stacks onto a single larger infrastructure capable of serving all physical, virtual and cloud concurrently"

Is it just me, or has anyone else's bullshit bingo started ringing ?

I might be totally wrong, and I acknowledge that network storage and workload virtualization have been making strides of late, but the only collapse of infrastructure I know of involves fire trucks, ambulances and many, many wounded after an earthquake.

Somehow I doubt that switching between Amazon and Azure is going to be a question of flipping a switch, even in this rosy picture.

Wi-Fi operators must notify device users of potential data processing

Pascal Monett Silver badge

Re: "The first question you should ask ..."

Should be more along the line of "So, who is paying for it and why ?".

We all know that there is no such thing as a free lunch. If someone is buying for you, they most likely expect something in return (not talking about friends here). Knowing who is offering can most often enlighten as to what the expectations are.

Zuck: Facebook won't retry Free Basics in India

Pascal Monett Silver badge

Re "due to the lack of data and consumer protection law"

I hate Facebook with a passion, but I cannot agree with your words there.

Signing up to Facebook is voluntary, there is no coercion from Zuckerberg, nor is there any obligation from the law or the market.

If you do decide to sign up, the onus is on you to read the conditions before accepting them. With all the hoopla around Facebook since it began to be a presence on the Internet, you cannot ignore the fact that Facebook is using whatever data you put on it, even if you might not realize how far it can go.

So I fail to see what consumer protection laws could exist that would prevent Facebook from existing unless you think a law that would forbid "social networks" from advertising would ever have a chance to pass - but that would be restricting free enterprise, which is a constitutional guarantee in the US if I'm not mistaken (so is the right to privacy, but that little detail has been swept under the rug).

Linode probe into 2015 crack finds fake 2FA creds flaw

Pascal Monett Silver badge

@Destroy All Monsters

Well I'm me, obviously, but I have no idea why I was addressed in French and no idea who the gentleman is. Welcome to the Internet :)

We have a saying in French : le monde est mondial.

Pascal Monett Silver badge

Re: Security Fail once again

The measures are certainly proportional to the risks, but the whole question is which risks one determines to be acceptable. It is obvious that the effort Linode has just agreed to shows that, until now, weaker security at authentication was considered acceptable. Now that they have suffered a successful attack, they have re-evaluated the risk and acted accordingly. That's something, at least.

As for saying which providers implement the "right" security, I think that is impossible, since it is not the kind of thing they display on their web pages.

As for the subscription price, I am not convinced that the architecture with isolated authentication is more expensive to set up than the one that lumps it together with the access server. What certainly costs more is changing the architecture.

Might as well do it right from the start.

Pascal Monett Silver badge

Security Fail once again

"It's also created an “authentication microservice” that completely separates customer applications from customer credentials"

The question is : why didn't they start by that in the first place ? It cannot be because they just didn't think of it, right ? I mean, I'm not an InfoSec guru by a long shot, but it seems to me that such a configuration is a basic when talking about secure authentication, no ? You want a minimum of internet interaction until you're sure of who it is you're talking with.

In any case, good on them to have made the change. Shame that it had to be following a breach, and that they didn't put the money there in the first place.

Black Monday: Office 365 down and out in Europe

Pascal Monett Silver badge
Flame

Re: “A limited number of customers"

A limited number. Yeah. Limited to all UK users, or half of Europe's users, or whatever.

PR guys : limited does not mean what you think it means. You think it means that you can make us believe that this outage is not that important. We know it's important because it's all over the news.

If you really want us to know how small the issue is, just come out and say "only 12,000 out of <insert millions here> are impacted by this outage". In that case, we will be forced to admit that, indeed, it is not all that many compared to the total connections.

But you won't ever do that, will you ? That would be telling people the actual situation - and you don't ever do that, oh no. That would be an unacceptable break of tradition.

What we all really need is an SD card for our cars. Thanks, SanDisk

Pascal Monett Silver badge

The article specifically states "Auto manufacturers can customise the card, as well as remotely monitoring the thing to see if it's operating okay and find out if/when card upgrades or replacements are needed."

So, on the face of it, I'd say yeah, there is some sort of wireless lurking around this tech, even if it only works in a garage environment. Then again, think OnStar and its all-knowing eye.

Thank goodness we all know that wireless is perfectly secure and has never, ever been breached by someone not authorized to access the data.

Oh wait . . .

Facebook sniffs at slow telcos, launches own Telecom Infrastructure Project

Pascal Monett Silver badge

Facebook cozying up to ISP ? Welcome FaceNet - you can't escape from it

Given The Zuck's track record over "Free Basic" in India, I'm not at all enchanted at the idea of him getting his mitts on an ISP portal already used by millions.

The amount of privacy-invading surveillance "for your convenience" is going to make the NSA blush.

Samsung Galaxy S7 and S7 Edge: Betting on VR with a dash of Vulkan

Pascal Monett Silver badge

"Samsung and Facebook are betting that will change"

Well I'm betting it won't.

I've got nothing against the phones, but VR is and always will be a niche product that will appeal only to a few percent points of the population.

And Glass was a brilliant demonstration of how acceptable it is to walk around with a Borg attachment.

Secret UN report finds against controversial WIPO chief

Pascal Monett Silver badge
Flame

Another bloody arsehole

who obviously thinks that DG means "Designated God".

Icon represents what's under the stake he should be tied to.

Intelligent Energy secures $7.5m to develop smartphone fuel cell

Pascal Monett Silver badge

"the biggest limitation we have in achieving true connectivity"

Is not actually battery life - it is security at the hardware level.

Battery life (or lack of) is a nuisance, to be sure, but everywhere you can hope to get a connection, you generally have access to a wall socket or a USB charger. If you go out of range of either, there's a good chance you won't have connectivity either.

What we really need is secure-by-design IoT. Another thing would be IoT that is actually useful and not just for hipsters, but that can wait until security is baked in from the start.

UK court approves use of predictive coding for e-disclosure

Pascal Monett Silver badge

"until an acceptable level of accuracy is reached"

More like an acceptable level of loss.

Yeah, 3 million documents - and that's not pages - is a lot to review. Maybe we need to pare down the discovery process to allow for a restricted number of document submissions, instead of trying to find a way to skip analysing every one of them ?

Because if the 3 million are relevant, then what ?

D&D geeks were right – their old rule books ARE worth something now

Pascal Monett Silver badge
WTF?

What ?

You are asking me to mutilate my treasured AD&D collection so that you don't have to go through the trouble ?

Or am I supposed to believe that WoTC doesn't have some copies lying around to do the job ? Or original prints ? Or any sort of archive ?

My books are mine. I'll agree to digitizing them with a hand scanner if it helps, but no way I'm destroying them because you couldn't be arsed to preserve your own publications.