Re: Why root?
“Are there any benefits to rooting any more?”
Perhaps to remove the pre-installed bloat/spyware running in the background eating up battery life, and to regain a modicum of control over the sharing of personal data.
530 publicly visible posts • joined 1 Aug 2008
That would be a de facto admission that the trolls had a valid claim to waive.
Why not ask for a token (or real) amount to not pursue a suit against the trolls for threatening unfounded litigation?
What I find difficult to understand is why news and magazine organisations, that have their own advertising departments and decades of experience in serving first-party advertising to print and broadcast customers,, find it necessary to give so much of their on-line income to the likes of Google.
I have had an Android phone (Moto G4+) for a few years and have never had to “sideload” anything. Aurora seems to take care of installing apps that other stores struggle with. I have not tried any Google apps (and disabled or removed the default ones), but Play Services, Carrier Services, Chrome etc. seem to be available
I use open source equivalents for browsing, maps, telephony, two-factor-authentication etc. Anonymising app stores supply useful proprietary apps such as DuckDuckGo, hardware controllers, travel timetables, news subscription and shopping.
Play Store is not necessary. There are alternatives such as Aurora Store available in F-Droid (a free as in open-source android repository) that will get anything from Play Store for you while hiding your device from Google (although the installed app may try to steal and sell your data).
@Mark 85: “Forward articles like this one to the beancounters”
Beancounters are preprogrammed to ignore articles like this and all “technical” advice. They only take notice of other beancounters opinions. That's why, as a profession, they rush into bad decisions like proverbial lemmings.
Your favourite spy agencies may well include such as the Home Office, DWP and your local council etc.
The problem is that paper communications are rarely printed on the official's desk, but in the mailroom for posting by junior staff. We will have to wait for the home printer code templates for the Home Secretary and PM to be circulated on the intertubes.
The version numbering “quote” is just a wind-up.
SLE-15 gets its name from its shared codebase with the openSUSE Leap-15 distribution.
openSUSE skipped a version 14, and went from 13.2 to Leap-42.1 as an anniversary homage to “the answer to everything”. The first S.u.S.E release was numbered 4.2 for similar reasons.
My ex-Android phone runs Lineage and uses F-droid as its main repository, with occasional forays to Amazon's app store for IPlayer Radio, etc. DuckDuckGo, Firefox, Chromium, OpenStreetMap, CSipSimple, FreeOIP and an SSH provide the most used functionality. I do not have a Google account.
The problem for general acceptance is the pressure from government, banks and large corporations to use their closed-source (and hence of dubious trustworthiness) software that is only available via Google or Apple. I do not understand why these organisations cannot make thir stuff available from their own sites, or sign it themselves and make it available from other repositories. Perhaps they are concerned to maintain their deniability shields when their clients money or data goes walkabout. They do this by promoting inherently insecure protocols and then placing the onus for security on the end-user.
Nothing will change until most legislators are more familiar with STEM subjects than politics and self-promotion.
I think that you are confusing addiction and habituation. The major difficulty in givving up psychologically modifying drug as is habituation' But nicotine is capable of providing a pharmacological dependency in the same way as opiates.
Nicotine is definitely a neurotoxin. It used to be used by biologist to slow down neurotransmission and anaesthetise (and kill) invertebrates.
This is just the tobacco industry trying to protect its market-share with a derivative product. They are more interested in creating new addicts than helping people give up tobacco. The advantage for the industry in removing the tar is that their market does not die off so rapidly.
If a web-site is only publishing information and not collecting secrets from the viewer, then the whole HTTPS, certificates and encrypted traffic is superfluous and an unnecessary overhead. Not everyone is involved in data slurping or transmitting private information across a public network.
As far as I can see, the source for components of CopperheadOS is provided. The kernel will be GPL-2, which was chosen by Linus specifically to permit a binary lock (as used in TV boxes), and openAndroid is Apache-2. Their non-commercial licence appears to be for the flashable ROM images that they construct for specific hardware configurations. These images are maintained, made freely available to hobbyists, and are licensed to hardware suppliers.
Their problem is with commercial operations using their ROM images without permission. This is analogous to Red Hat being tolerant of Centos recompiling their source code and making it available under the original licences, but being very unhappy with Oracle selling a Red Hat Clone under their own name and taking out a single support subscription with Red Hat. CopperheadOS's problem is the cost of locating and suing multiple organisation s cloning their images. Their only option is probably to stop the unrestricted free downloadable images, at least for new models.
I have never understood why any charity would choose to use the high profile commercial “giving” companies. It only takes a few minutes search to find (in the UK) at least one free service, run as part of a major corporation's community effort. The only fee incurred is the one that that the donors card company may make for a “cash withdrawal”.
It is also possible to minimise bank charges (in Europe anyway) by setting up a donations bank account and publishing the details needed to effect a direct funds transfer. If an email address is used as the donor's reference, it is possible to send “Thank You” acknowledgements as batch jobs.
If portable personal computing devices are to be used, then Chromebooks can be a good choice provided that they are retro-fitted with a suitable stand-alone operating system (i.e. not dependent on an Internet connection to function). The hardware is relatively lightweight and cheap.
However I feel that the the most useful educational electronic technology is the monochrome e-reader. It can give a cheap, low maintenance access to an enormous library of written texts (downloaded/updated at school), and has sufficient interactivity to be used with self-testing material. A couple of years ago I repurposed (swapped the internal flash memory) a bunch of Kobo devices that were purchased retail for less than £30 each.
>You are basically arguing the merits of security through obscurity there...
The rationale is not so much for security as considerably reducing log-file sizes (and increasing readability), plus taking some load off system resources by sidestepping continuous brute-force onslaughts.
If the machine was for business use, then the lost data may well have been hundreds of text files (orders, invoices, etc.) or financial data files etc. and only occupied a few hundred MiBs. Not everyone has extensive video collections. I am also told that some lucky people have fibre and reasonable upload speeds.
I am in no way condoning the blatant disregard for the safety of their customer's data by TalkTalk or any one else. I think that severe punishment has been long overdue. Most large organisations, including banks and government departments just don't care. The directors deserve to be barred, as well as the companies facing punitive financial damages. This corporate behaviour is wilful negligence.
However given the information presented in the article, I do not understand how this data loss is sufficient for a victim to have their their "bank account raided", and would appreciate an explanation of how it could be done. Hence the title.
Could you please explain how a bank account could be raided using the victim,s name,e-mail address, partial credit card details etc?
I can understand that a direct debit might be set up using the victim's bank account name and number. However the bank that receives the money bears the onus of proving the transaction was not fraudulent,not the victim.
Most of the claimed consequential losses that I have read of are the result of phishing e-mail or telephone cons. They rely on publicly available directory data and perhaps an e-mail header. There is no requirement for stolen data even if that would make the fraud logistics a little simpler.
I am in no way supporting TalkTalk. They seem to outsource customer support and invoicing systems on the basis of price,not competence. The real problem is the general attitude among large companies who actively sacrifice privacy and security in the name of "user-friendliness" and glitz. TalkTalk,like many large corporations insist that their customers use security-weak mail servers and web browsers in order to to business with them. There is no reason for them to send mail from a server that does not identify itself correctly (PTR records and HELO responses), or for placing code from third-party domains on their web-sites, or using cross-site scripting for payment processing.
This is all part of a culture of technically incompetent senior decision makers. Just try to complain to a large bank or utility company. The standard response is "We are a large organisation, that pays our experts an lot of money. Therefore we must know more about these things than you, even if you are an engineer".
This seemed to happen quite randomly about two years ago. We had one direct debit payment account transferred, but not three others.
If you call TalkTalk Business they will transfer you back, but is similar to transferring from another unrelated supplier and you may have to set up the payment system again. You have to wait about two weeks and fend off the "please don't leave, would you like a discount" call from TT Residential. You will lose any fixed IP addresses (but if you have a technical problem then they get be converted to dynamic anyway -- that's how we discovered we had been transferred).
The problem is the relative importance of the EU Commission, and the distance between our Commissioners and the electorate. I can think of two remedies:
An "EU Office" with a Secretary of State in the UK Cabinet, responsible for the UK government's position in Brussels, and answerable to UK parliaments.
Making the EU Commission subservient to the EU Parliament.
"More or Less" on R4 and the World Service manages to be both populist and interesting/entertaining for the numerate listeners.
Once upon a time the odd programme that mentioned radio, sound recording or music production used to be able to produce an actual BBC engineer. Now all the technical "experts" seem to be journalists who get their technical education from Apple and Google's sales literature and press releases. The biographical pieces about STEM people are often OK, but they are about the subject's personal lives and careers rather than the STEM itself.
I live in Scotland too. The letter that you got, if the same as mine and my friends' (Galloway and Glasgow) was sent one to each residential property with a description of the registrations that had been migrated to the IVR, with a request for anyone whose details were incorrect or missing to fix it using the new system. Most of this should have been cleaned up on the old system last year with the high voter turnout for the referendum. However at least two MSPs (incuding Cabinet Secretary Alex Neil) were lost in the process.
The Electoral Commission stuff is reserved to the UK Government, so slights to the SNP or Scottish Government are misplaced.
I, and everyone that I know got our NI numbers when we left school or got to school-leaving age. Apart from some who came from other countries as adults nd had to apply for a NI number/card (employers used to buy stamps at the Post Office and stick them in their employees' cards, which required regular renewing as they filled up) before starting work.
When the physical card was done away with the name associated with my NI number inexplicably changed to that of a similarly named cousin. At various times I haave spent hours neganged otiating with clerks to correct their records, but throughout my life the name on some govt records has spontaeously changed to the wrong one with occassional cross-contamination. This causes enormous inconvenience when a (local) govt office gets the wrong name and absolutely insists that I provide identification with the name on their records, but not the one on my passport, NHS card, bank account etc.
Sorry for that, but I get really pissed off about it. When an inconsistency occurs in data sets it should either be investigated and fixed, or flagged and left; not just changed according to the toss of a coin.
The description of PFI missed the bit about the PFI contrcting consortia including banks, who borrow the money from the Bank of England at considerably less than market rates. Thus the whole scheme is an accounting sleight of hand to transfer public funds to private, while moving the cost of capital projects from one arbitary ledger column to another.
"... wasn't Minix based on a microkernel? Also GNU Hurd?"
Minix was a macrokernel design, based on Unix principles. But Hurd was/is a microkernel design. Minix3 is microkernel.
@Oninoshiko and @Lusty
I do not remember Linus T misusing the term microkernel. The main reason that the GNU community adopted the Linux kernel over the the more elegant microkernel designs was efficiency and availability. The performance of micro versus macrokernels remains problematic. When Microsoft announced NT, they claimed it woulduse a Carnegie-Mellon style microkernel, but actually used a macrokernel design. The MSliterature/press releases were a source of cofusion for much of the less technical technical press.
The converse of micro iis macro, and of monolithic is modular. The very early Linux kernels were moolithic macrokernels. When a kerneel wascompiled, the required drivers were compiled in. It did not take very long for modulesto be introduced, when at build time the essential hardware drivers and filesystems could be selected to be built-in, and the merely desirable to be compiledas autoloading modules.