Re: Quick Question regarding Fibre
Short answer is "yes it's asymmetric" for most residential packages.
547 posts • joined 14 May 2008
I have to use WebEx occasionally for meetings with customers. It's certainly much better now than it used to be a few years ago - it may not look any prettier but it now Just Works in Firefox on Ubuntu without any plugins or anything.
Though every company I use WebEx with seems to have a slightly different system (whether you can use web audio or have to phone in or have it phone you, etc), maybe due to how it is configured.
Firstly, that would also trigger the "insecure" warnings in the user's browser, since nobody would issue a TLS certificate for that IP address.
Secondly, while an IP address might work fine for you, most less savvy users might be rather confused by it.
I am sure this was not some unknown vulnerability, rather a deliberate decision made by Netgear as the least-worst option.
Even if they did have per-device keys, it would make no difference, unless they also had per-device domain names with associated certificates (e.g. they asked you to visit abcdef123456.routerlogin.net, which is somewhat less user friendly). Having a bunch of different keys and certificates all for the same domain wouldn't give any more security as an attacker could use any one of them in a MITM attack.
I think Netgear probably knew the risks and took the decision to basically allow the key to be compromised as still being preferable to having to tell users to click through browser warnings (neither is secure anyway).
Protocols only work if everyone wanting to use the protocol supports it.
There isn't enough space in an IPv4 packet header for any number of extra bytes of address.
Which is why IPv6 went from 32 bit addresses to 128 bit addresses - so we are not likely to ever need a longer IPv7 address...
If you want to create your own "MyIPv4+" protocol with 64 bit addresses, you could try, but it would be a lot easier just to adopt IPv6...
Do Sky really give you a routable IPv6 address, or is it just a link-local one?
At work we have functioning IPv6 and traffic to sites that support it (like Google) uses v6. I used it to test my own personal websites which also work on v6.
But my ISP at home (EE) don't provide IPv6 connectivity. If they did I'd use it.
You can never have too many sockets in a kitchen, even with a moderate number of middle-class appliances (coffee grinder, coffee maker, breadmaker, slow cooker, food mixer, blender...as well as the usual kettle, toaster and microwave)
Our kitchen definitely doesn't have enough, it's a pain to unplug the toaster if you want to use the blender for example.
When I had my last house rewired, the electrician thought I was weird for wanting two double sockets fitted on either side of the double bed in the bedroom, but it definitely proved useful (if you just have the one then it's full with a lamp and a phone charger, it's nice to have one for a second kind of charger and a free one to plug the hoover in...).
On holiday in the summer, we went to the Greek island of Lesvos. As it's in Greece, which is part of the EU, roaming is free. Except when you drive around the northern coast of Lesvos, which is quite close to the mainland of Turkey, and your phone connects to a Turkish network.
We were driving for 20 minutes, my phone got a text which I didn't read as I was driving. When we stopped a few minutes later, I saw it said "welcome to Turkey, data is £3 a megabyte".
I immediately switched off data roaming, but when I got home I found I'd been charged £2.97 for whatever my phone was doing in those few minutes.
Luckily it wasn't more...
No, the whole point is quite the opposite. Life is not black and white, and while it may be more "efficient" to pretend that it is, reality is that you have to consider the particular set of circumstances and make a value judgement on those circumstances. You can't avoid this by lazily saying either "anything goes" or "if you rule this out you will slide down the slippery slope".
Likewise. I have a vintage Gmail account (from when they rolled it out invite only to Blogger users) with a short username. The number of people who get my email address either through typos or through being too stupid to know their own email address is ridiculous.
I've received all sorts of order confirmations, 'your car is ready to collect from its service', 'reminder of your dentist/hairdresser/therapist etc appointment', website signups, circulars for community groups etc. Aside from the community group ones invariably I have to mark them as spam in Gmail (which they are, since while the businesses may be legitimate they are certainly unsolicited emails).
I have a cron job that runs once a day and deletes files from ~/tmp (not /tmp) after 7 days and ~/Downloads after 30 days.
Stuff of a 'here's some notes I might need this afternoon' nature gets saved to ~/tmp. If it's something genuinely useful then it must be filed properly or hit the bit bucket next week.
Like the old argument about 'brainstorming'. Someone decided that would be offensive to people with epilepsy and decreed it henceforth be known as a 'thought shower'. But then someone actually asked the people who actually were epileptic and they laughed: https://www.epilepsy.org.uk/press/facts/brainstorming-offensive
A couple of weeks ago I found a lot of websites I use regularly kept crashing in Chrome on Android (repeated 'Aw Snap' messages). So I downloaded Firefox and found it works just as well as Chrome (but without the errors).
While I was there I noticed it was easy to search DuckDuckGo instead of Google and indeed to set it as default. First time I'd used DDG and it's actually pretty usable.
So, while Google still know my location etc they don't know what I'm searching for.
Also I noticed there were a lot of websites where audio recording and camera permissions popped up in Firefox - no idea why, they were just news sites etc - ads triggering these permissions? Needless to say I denied them as I have no need to use audio or camera from within Firefox.
So yeah, use a different browser sometimes.
Our local rag's website shows the first paragraph of an article then asks you to answer a survey question to see the rest of it.
Of course you don't have to actually read the question or any of the multiple choice answers, jabbing one at random works fine.
No idea who is paying them for the survey results but it can't be very useful data.
"no one can see what you're browsing with https" was never really true. The domain you are visiting is always sent in the clear during DNS resolution and the fact that you are connecting to a particular IP address is always visible (or the Internet protocol wouldn't work). Without SNI there was a one to one mapping from secured domain to IP address anyway.
What particular URLs you are accessing (below the domain level e.g. pages within a site) is encrypted, and is still encrypted with SNI.
But Square isn't really innovative, at least in Europe. PayPal, iZettle, Sumup and probably others all have type chip and pin and contactless readers and offer a similar service to Square. The Square reader doesn't even seem to have a screen or a pin entry keypad.
Obama's (and yes, Corbyn's) campaigns mainly used social media in an open, person-to-person way, sharing links and personal opinions amongst their friends etc with the source clearly attributed.
There is clear blue water between the two ways of using social media to campaign.
Our interviews are very real-world, and of course still many people don't make the grade.
Can I remember the exact syntax, APIs, class libraries etc for all of them off the top of my head? Of course not.
Absolutely, and what about me saying our interviews are very real-world made you think I'd expect you to know all the syntax etc?
In the real world, people use Google. They look at books. They ask people for help. No, we don't let people use Google in our interviews but we do give people help and drop clues. It tells you more if someone can pick up on a clue and run with it rather than stare at you blankly (or argue that your clue is wrong). If someone says "I'm not sure but I'd look it up" I'd ask them what they would look up - it's no good searching Google if you don't know what you are searching for. It's no good reading an answer on StackOverflow if you can't understand it and tell the good answers from the bad ones - so we give people code to read and ask them to find what's wrong with it, and why. Would this code work? Could it be done better a different way? What do you mean by "better"?
Still, I've had more than one candidate who couldn't write a 'for' loop without help...that much I do expect you to know, in at least one language...
That's certainly not true of everywhere. A lot of what gets written about recruiting software engineers implies the employer is awash with candidates and it's a case of whittling the list down to the number of vacancies.
In my experience that's often not the case, at least in the regions we work in. Our interviews are very real-world, and of course still many people don't make the grade.
Because the algorithms which are used to limit logins usually take into account the IP from which the attempt is made
Well don't use those algorithms then.
(I know, you could lock a legitimate user out of their account in that case, but maybe you could design some way to mitigate the impact of that, e.g. require a user to log in from a separate web system using decent 2FA or whatever to unlock their account in that case).
Why are limited login attempts not going to stop that happening?
Every time I change my work network password, I have to first stop my phone and email client auto-syncing with the server, otherwise I get locked out of my email for too many bad password attempts.
And if logins are automated, all the more reason for using long and complex passwords.
In our Computer Science department at uni (2003-2007) they had some network printers which were connected such that every page printed cost a few pence in credit. Students were allocated a couple of quid of free credit each term and if you used that up you had to buy additional credit using a coin box.
They also had stuck fixings to the printer trays with epoxy and used a padlock and chain to stop people fiddling with the internals, or taking paper from the paper trays.
Some bright spark figured out that you could walk up to the printer and print a diagnostics page from the menu, and it showed the printer's IP address. The printer had an FTP interface enabled and any PostScript file transferred to it would be printed instantly. Of course this was all anonymous and bypassed the print credit charging system.
After that I don't think anyone seemed to run out of printer credits. One guy even took to printing a blank postscript file whenever he wanted a blank piece of paper.
Worse still, at least at that time universities had huge IPv4 address blocks meaning every PC - and yes, the printers - in the department had real-world public IP addresses. Not sure if anyone tried but I reckon you could have logged in to that printer from anywhere in the world, without any authentication, and printed stuff off.
Haigh also asked what assessment has been conducted of the consequences for (a) the UK economy and (b) national security of banning end-to-end encryption?
How could the government ban end-to-end encryption? Or rather, how could they enforce such a ban? Assuming they can inspect all internet traffic, encrypted content should be indistinguishable from random noise, so are they going to ban sending random data over the internet? Assuming not, an encryption tool could just hide genuine data in amongst a stream of random noise; there's no way they could force you to decrypt the random noise because it's impossible to do so, and no way for them to tell which of the packets contain encrypted content.
Of course they could prevent named service providers from offering messaging apps that use end-to-end encryption, but someone (probably abroad) would just create another one, or the terrorists will use PGP or something. We all know how well attempts at banning that went.