Posts by Pascal Monett

My car is in my garage. When not there, either I'm in it, or it's locked.

Why do I need to know how the engine works to ensure that it is protected ?

I agree that it is good to know how the lock functionality works, but it's not like you can tell the garage to install something else if you don't like it.

Which all goes basically back to the things Cloud is suitable for.

Scaling workloads : yes

Ensuring privacy : no

If you work with sensitive data, then you have to keep that data where it is secure. Those companies that made that choice were right in not looking at the technical aspect because that aspect is not pertinent to the decision.

I don't think that the statement itself is wrong, there are big companies that do exactly that - but those big companies have high-level management that make the decisions and then, when it has become corporate policy, no one goes against it.

What we have here is the prospect of capable people eventually being found and hired as middle management at best, then being continually overridden and denied by the same clueless upper management that is partly responsible for the current situation in the first place.

Because I don't think those project managers and architects are going to be hired as directors, do you ?

Re: "A/V control is not meant to spy on anyone"

What it is meant to do is irrelevant to the hacker. What it can do is the only thing that counts.

And that hardware can be remotely accessed and used without owners suspecting anything. That is a hackers dream.

I second that

I have a NAS at home, and I used to pester every time I had to open a folder on it until I removed Windows Search and started using Everything Search.

Now my NAS is as fast as a local disk.

Not only does Windows Search take ages to find anything, but it also prevents basic file directory reading to proceed efficiently.

No matter, I will be moving to Linux. Win 7 is my last Microsoft OS.

I feel your pain. My associate was singing the virtues of SSD performance until, one day, the thing just died out of the blue. Took two days to get a replacement for his laptop.

He doesn't sing the SSD song anymore . . .

That being said, HDDs could be treacherous as well. I remember trying to get data off a failing one, only to find that every file I recovered was corrupt and unreadable.

Thank God for backups.

That would seem logical, but kinetic interception of missiles has a dismal success record if I am not mistaken. Even if you have a dozen drones at the ready, there seems to still be a good chance that you'll fail to take it down reliably. That is why the military chose lasers, because if you've got it in your sights, you'll hit it.

The issue with laser is power, and if they couldn't get a bloody big Boeing to succeed, I don't think there's a snowball's proverbial they'll get a drone to win that contest.

So this is just money down the drain and pork for buddies again. Then again, there might be a remote chance that something actually useful will come from this program, and succeed in miniaturizing power generation to an extend unheard of at this time.

If that is the case, you have to ask yourself if that driver is important enough to risk the integrity of your system.

I wouldn't, even if I had to buy another equipment. On the other hand, I have no equipment with drivers that obscure.

Um, I think you missed the fact that this new #9 is supposed to be ten times the mass of Earth.

That means ten times the gravitational effect. With our current technology, good luck building a rocket that can lift off of that.

And if there are animals on that planet, and we somehow manage to bring one back, I shudder to think of its strength here on Earth. You'll have the power of an elephant in something the size of a cat.

You're still guessing.

It could also be rogbel, bellenr, or even $beller, following just some of the formats I've already come across.

Agreed

Actually, every single thing The Zuck does or says is always one more good reason to stay the hell away from that thing.

Re: making virtual crap worth actual money

I fully agree. I like gaming, and I think Steam is the best online merchant there is, but I regularly get annoyed at all the hoopla going on around the games I play. I don't care for an exclusive hat, nor do I intend to ever waste my time for cosmetic stuff that does nothing to the abilities I can enjoy in-game.

Arctic skin for my sniper rifle ? I'll take it if I get it, but I'll be damned if I pay money for it.

In any case, this article is an eye-opener for me. Had no idea that a simple browser extension could have such consequences on my game world.

Don't forget that "consultant" who was paid $80,000 to appear in Court and state that she didn't see any difference between an iPhone and a Galaxy S II.

I think we can safely say that, financially, she did pretty well out of the whole thing too.

Reputation-wise, less so.

Totally that.

And I marvel at the various solutions offered to redact a document.

Is it really that hard to Find/Replace the name with <Redacted> and re-publish ? Seems to me that going back over the text and covering each occurrence of the name with a black rectangle is a lot more time-consuming, on top of being totally inefficient.

And the second question that should follow is : what profit are you going to make by giving this to me ?

Fuck being monitored. Giving in to fear is just handing them the victory without contest.

And what are you afraid of, really ? Saying that a politician finally did his job (or hers, in this case) ? You're afraid of a libel case ?

If they're monitoring this then they don't enough work. So let me just say this : je suis ravi qu'enfin un membre du gouvernmenet de mon pays ait le courage de dire tout haut la vérité que les lâches et les corrompus voulaient cacher.

Re: Why should I spend my time looking into DevOps?

Ideally you shouldn't. Ideally, companies should be monitoring their requirements to ensure that they are being met and that future requirements are being planned for. Whatever is this week's flavor of name for that doesn't really matter.

Re: I really wonder if this stuff will work better

It won't, but marketing teams will have a new playground to chase bonuses.

Re: punishing Microsoft developers

I don't think it is the developers that decided to put the telemetry in. It's VW who apparently has engineers that go off and do things without management approval (or so they say).

No, Microsoft managers are the ones to take the beating in this matter, along with the marketing department I'm sure. And not the little managers either, this kind of decision was made at the top and ran down the line.

If it is indeed test machines, then it will be interesting to see how that number changes when the tests are discontinued.

In any case, it seems like MS is throwing everything including the kitchen sink to bolster its numbers. No matter, MS will survive a while yet, but when the new generation that has grown up on Android and Iphone get to the workplace, they're going to kick that bucket hard.

The fact that they only noticed the loss when preparing the backups for destruction is more worrying : it means that the disc has been AWOL for quite a while in that "secure" facility.

Something needs to be done about the procedures for storing data. From RITA's declaration, it is impossible to know whether the DVD ever got to the storage facility in the first place, or whether it went AWOL on-site. Why is that data not available ? A proper paper trail should allow discovery if the disc ever got there, at the condition that somebody on-site actually eyeballed all containers to ensure proper sign-in of data. I would think that a "secure" storage facility would do that par for the course.

RITA's declaration stipulates that "From our investigation, we believe the DVD was most likely destroyed in accordance with our usual process for unlabeled DVDs". That means that data written to a DVD made for backup purposes went into storage unlabelled ? How can backup procedures function properly if they send unlabelled DVDs into storage, and why didn't the "secure" storage vendor not raise a flag on that point ? Or maybe a flag was raised, which allows them to make that declaration, but then why is the issue coming up now ?

There is something of a mess in the data storage procedures in Ohio.

Re: "distributed via email"

Thus relying on the tried-and-trusted clueless idiot who clicks on everything without even wondering why he was sent an executable in the first place - if said idiot even knows what an executable is. Well, users need to learn to not open everything they see in front of them, and if losing their personal files is the price, then I'm all for it. Maybe after the initial panic attack they'll realize the error of their ways and correct it (yeah, right).

Personally I would prefer a drive-by attack, since I personally use NoScript so wouldn't be at risk and Google would most likely quickly catch on to the infection and alert its users, rendering the attack next to moot.

But of course that is the very reason it is not a drive-by.

Let's just assume they won't go down until the next attack.

In other matters, I wonder if this region blocking is going to become a standard in security considerations. This is anti-ethical to the very notion of Internet, but if a company knows it only does business in a given area, maybe it makes sense to block all other regions.

Or maybe global companies might start thinking about blocking the rest of the world for each of their regional installations. Microsoft Europe, for example, would block everything that is not Europe, Microsoft US would block everything that is not North America, Microsoft Asia would block everything that is not defined as Asian, etc. That might pull the rug under the feet of those worldwide botnet attacks somewhat, and the impact for the honest customers would probably not be all that significant.

Spot on

There is absolutely zero surprise in this nomination.

Chehade is a sleazeball who has played the information hiding game on Master level for years. He is an expert in the domain and a perfect pick for the Wuzhen conference goers.

I'm sure they will be very happy with their choice.

Meanwhile, it looks like the Internet is going to get its balkanization after all. On the one side, the authoritarians indiscriminately snooping on everyone for local political reasons, and on the other, the freedom-respecting countries snooping on everyone for "protection against terrorist" (and occasional industrial espionage) reasons.

Ain't this world just peachy ?