* Posts by Oninoshiko

1949 publicly visible posts • joined 6 Oct 2008

China calls for realtime censorship of satellite broadband

Oninoshiko
Big Brother

The real news

Is that China doesn't require this already.

Big brother because, China.

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices

Oninoshiko
Big Brother

Does noone know how CVSS works?

CVSS ratings have nothing to do with how many instances of it are out there. They are a rating of how easy it is to exploit and what exploiting gets you:

In this case:

It can be exploited remotely

Without difficulty

With no user interaction

To run arbitrary code

As root

That's easily in the 9 - 10 out of 10 range.

As to how widely it is reachable on the open Internet (which again, is beyond the scope of the rating), he got around 400k Linux machines to happily run his benign payload. If I want to build a bot-net, that's not a bad one.

As to not waiting to disclose, he disclosed because someone had leaked it. Once it's out there for bad-actors, full disclosure is the only responsible thing to do.

Intel frees its Foundry biz – and that's just one of many major shake-ups today

Oninoshiko
Facepalm

Question

If you're, for example, AMD, would you trust the separation that's supposedly now here between Intel foundry and Intel design? I wouldn't.

This is useless unless it's a full, Global Foundries-esque spinoff, but Gelsinger wants to MAKE chips... I don't think he has it in him to really do what's required.

Pokémon GO was an intelligence tool, claims Belarus military official

Oninoshiko
WTF?

Wait what?

Every military on the planet has issued statements about Pokemon GO, including all branches of the US military.

I'm not sure how the theory it's a CIA tool has been debunked. I mean, there's at least enough ties that if I where head of a non-US national intelligence agency I would be not permitting it.

John Hanke, founder and CEO of Niantic was the previous founder of Keyhole, Inc, which was invested in by In-Q-Tel a venture capital firm started by the CIA.

Gilman Louie, board member of Niantic, is on the President's Intelligence Advisory Board, U.S. Department of State’s Foreign Affairs Policy Board, and has been awarded National Geospatial-Intelligence Agency medallion, the CIA Agency Seal Medallion (twice), CIA Director's Award, the Director of National Intelligence Medallion, amongst others.

Does that mean it's a CIA tool? I'll leave that to the reader to decide, but that's some pretty heavy connections with US intelligence.. and of course, the CIA has never lied.

Of course the Internet Archive’s digital lending broke the law, appeals court says

Oninoshiko

Maybe because

Maybe because we don't allow child labor anymore?

Oninoshiko

Not completely true

During COVID internet archive stopped enforcing the 1:1 rule. Publishers were afraid to bring a case and get a ruling that 1:1 was legal, but once IA did 1:many, even briefly, the case practically writes itself.

IA should have known this was inevitable, but they misjudged what they could get away with.

Admins wonder if the cloud was such a good idea after all

Oninoshiko

Re: Cloud is a financial model not a technology

This is correct, if you need less then a full server then running on a cloud-providor can result in savings. Once you hit a certain point however, moving your baseline load to privately owned servers is beneficial, only using cloud-providor for peaking-load.

This also has the side effect of helping you stay more vendor neutral, allowing you to put that load on whoever's the cheapest at the time. This has been the case since before "cloud" became a buzzword for "someone else's servers."

Rust for Linux maintainer steps down in frustration with 'nontechnical nonsense'

Oninoshiko

Re: Microkernel

Actually, with a sufficiently well designed IPC system, you don't even need hand-coded assembly. Just take a look at what some of the L4 kernels accomplish.

Now, you have to be willing to unshackle yourself from the overheads of the Linux API / ABI. Of course, you can always run the Linux kernel as a usermode process, but trying to build a microkernel that is fully Linux compatible is a fool's errand. I mean, almost all of what Linux provides would have to be provided by user-mode daemons anyway.

AMD reverses course: Ryzen 3000 CPUs will get SinkClose patch after all

Oninoshiko

I'm glad they increased the range on this, I just wish it had been from the start.

Google is a monopoly. The fix isn't obvious

Oninoshiko

"That still leaves one company with a monopoly on Google Search and one company with a monopoly on those paid search ads."

I think it's slightly worse then that, let's say you do break search and ads, how does search make money at that point? Right now search is given away to drive the advertising behemoth, and the same can be said for much of Big G.

I can see splitting off Android, Fi, maybe YouTube (I think they are independently profitable on their own ads now), but the rest? I don't see how it works.

Intel, already adrift, now Armless too

Oninoshiko

Re: Selling their ARM shares for ~150 million ? What's the point ?

It's got to be more of a savings then what they got for dropping the fresh fruit from their campuses

Palo Alto Networks execs apologize for 'hostesses' dressed as lamps at Black Hat booth

Oninoshiko

Perplexing

I mean, I get "normal" booth babes... we can argue about if its a good idea, but I think we all at least *understand* it. What I don't get what the thinking behind the *ahem* "attire* in this case.

404 Boss not found — Bye bye ICANN CEO Chehade

Oninoshiko

Re: Up vote

Generally when something can't be found in DNS, the reply is NXDOMAIN.

Unfortunately many ISP have started hijacking this useful response (along with the useful 404).

£280k Kickstarter camera trigger campaign crashes and burns

Oninoshiko

Re: Risk?

KSes do not guarantee the project will accomplish it's goals, only that the backers will get their rewards. This becomes an issue when the reward is a copy of the product (the goal). The original intent was cases like the Reading Rainbow kickstarter, where almost all the rewards where things like tee-shirts and mugs, the funding goals where to get a reading-show produced and in the hands of children.

Robocalling Americans? That'll cost you $1.7m

Oninoshiko
Mushroom

Can't we just shoot them?

Feds: Bloke 'HACKED PLANE controls' – from his PASSENGER seat

Oninoshiko

Re: Why is this so hard to understand?

I can commit the perfect murder.

That doesn't mean I DID commit the perfect murder, or that I have murdered anyone.

Why is this so hard to understand?

Lightbulbs of the future will come with wireless extenders and speakers

Oninoshiko

Re: a light switch that cuts all power to the light...

Well I have good news for you! If you take a bunch of mono channels and put them together you get surround. then you just need the LFE channel.

Doesn't make it any less daft of an idea though (just like all the IoT garbage).

Don't look now: Fujitsu ships new mobe with EYEBALL-scanning security

Oninoshiko
Coat

Eye wouldn't be to worried about this if eye where the cops...

Eye will be going now.

Infosec bods demo GPU keylogger. Don't tell the NS... oh, wait

Oninoshiko
Trollface

Remember

Linux doesn't get viruses.

Swedish Supreme Court keeps AssangeTM in Little Ecuador

Oninoshiko
Facepalm

Re: Little

They are talking about the embassy.

Can we get a clue-bat icon?

Massive police 'heavy equipment' robot drags out suspect who hid inside television

Oninoshiko
Stop

Re: Where's a frackin...

You don't really expect elReg to use that useless image for something useful do you?

Extreme community policing: West Virginia crook pepper-sprays HIMSELF mid-robbery

Oninoshiko

Re: picky error in headline

And to residents (I'm told) it's pronounced "West By God Virginia"

Smart grid security WORSE than we thought

Oninoshiko

I would say paranoia

but it's not paranoia when they are really out to get you!

Oculus Rift VR bucket will be seen on noggins near you in 2016

Oninoshiko
Trollface

Re: You won't see people walking down the street wearing one

well, people won't see you when walking down the street wearing one.

Zuck'ed up: Facebook opens up free internet in India – but bans HTTPS

Oninoshiko

It might have taken less time to list what you CAN do on it.

Bruce Schneier's Data and Goliath – solution or part of the problem?

Oninoshiko

"Both justifications prevent Google and Facebook from exploring new, imaginative and mutually useful (to customer and provider) ways of doing business. Ways that don’t require data collection and hoarding."

I'm not sure this is a solid argument to Google that they shouldn't horde. While I can imagine many businesses that don't require hording, it's only VARY few that the hording actually precludes.

So, as the meme driven kids today say: "Why not both?"

(note: I'm not really suggesting that I want google to track everyone. Just that this argument is not something that they are going to find compelling)

Amazon boss Bezos' Blue Origins declares test flight 'flawless' ... if you overlook one snafu

Oninoshiko

Re: Twig minus berries

I suppose that makes it more (in)appropriate that I misread "blue origins" and "blue orgasms"

Oninoshiko

As the Americans say:

So, other than that, how did you enjoy the play, Mrs. Lincoln?

What is Apple's idiot tax on Watch these days? 'About $265 or 80%'

Oninoshiko

Re: Idiot?

Everyone pays one idiot tax or another.

I bought some imaginary space ships, myself.

Get over yourself.

ICANN's bill for clawing global DNS from Uncle Sam: $7m and counting

Oninoshiko

Re: When is this farce going to end ?

Borderline?

Complete corruption.

Who thinks Microsoft Edge sucks? Erm, Microsoft

Oninoshiko

Re: Gazthejourno

I hope you're going to leave it up. I have no idea who he's responding to, but that's hilarious.

Oninoshiko
Facepalm

Re: Hatters Will Hate!

Pretty sure the part that sucks is them buying a bunch of "edgesucks.com" type domains (considering that's what the story was talking about). elReg doesn't just report on MS doing that, there have been numerous articles in the past about companies doing that.

But you want someone to identify something that sucks about it, fine: when you go to type in the address bar, you can't tell how it's going to respond. You can single, double, or triple click it never highlights. Sometimes backspace deletes the entire text, sometimes it it backspaces a single character, and it never gives any indicator as to what it's going to do.

Feel better?

Oninoshiko
WTF?

You'd have to REALLY think a product sucks to spend 2.5 kUSD for the domain to protest them.

This is Sparta? No - it's Microsoft Edge, Son of Internet Explorer

Oninoshiko
Megaphone

Re: Microsoft Marketing

In fairness, Joe Belfore makes me want to punch Joe Belfore in the face.

"Edge" make me think of someone at the top of a building about to off themselves.

SUPERVOLCANIC MAGMA reservoir BUBBLING under Yellowstone Park

Oninoshiko

Fed-up Colorado man takes 9mm PISTOL to vexing Dell PC

Oninoshiko

Re: Err...

If you think Dell PCs are not enemy combatants, you've not worked on one!

Oninoshiko
Joke

Re: What we need to know

true, but before you do, every PC is full of holes...

Neurobabble makes nonsense brain 'science' more believable

Oninoshiko

Re: Sliding in....

Microsoft (what? they aren't evil enough for you?)

Labour policy review tells EU where to stuff its geo-blocking ban

Oninoshiko

@1980s_coder

I don't even get the opportunities they think they are losing.

"OH NO! Too many people might BUY MY PRODUCT!"

I don't think anyone is saying they have to make it mulit-lingual, just that if you sell it, you have to sell it to everyone on equal terms.

LA schools want multi-million Apple refund after kids hack iPads

Oninoshiko

Books!

They are cheaper and more effective.

(at least if you buy them from a reasonable source rather then the usual suspects for textbooks)

'Arkansas cops tried to hack me with malware-ridden hard drive'

Oninoshiko

Re: Possible, but shouldn't cops know better?

Then they should employ someone who is or face the consequences.

Ignorance of the law is no excuse.

What's Meg Whitman fussing over: The fate of HP ... or the font on a DISRUPTIVE new logo?

Oninoshiko
Meh

It's not bad. It's just not good either.

Nvidia's GTX 900 cards lock out open-source Linux devs yet again

Oninoshiko

"This almost certainly doesn't affect any other Linux developer or user in the slightest, since there is already a better and more optimal nvidia driver out there for free (nvidias own Linux driver). Yes it doesn't come with source code, but that is mostly if not completely a philosophical rather than practical limitation, since who in the real world ever has an actual need or even desire to dive in and modify video driver code?"

That's not true. Because linux is a monolithic kernel, the nVidia driver potentially has access to the entire memory space. Because of this ANY bug you are experiencing with the kernel cannot be ruled out as a nVidia driver problem (potentially other software too, but usually it's trying to track down a kernel problem).

This isn't just theoretical. nVidia has shipped buggy drivers, and it's much harder to get dev attention if you're running a tainted kernel for this reason.

WHAT did GOOGLE do SO WRONG to get a slapping from the EU?

Oninoshiko

Re: What a peculiar misreading of this article

I think that's a pretty obvious "no."

Oninoshiko

"I think you're missing the point. The billions of desktops don't know how or <u>don't desire to switch engines</u> tomorrow, that's the problem!"

No, that's not a problem. That's google doing search well enough that it's not worth the time test every piddly competitor. Here's the reality, 94% of my searches put what i'm looking for on the first page, another 4% I have to dig deeper, and the last 1% gives me nothing useful. I only marginally care about that 4%, and only REALLY care about the 1%. The problem is, the competitors don't do them noticeably better.

So, tell me, WHY should I go out of my way to use something that isn't better?

"Have you actually tried to write a competitor site and then tried to actually get it promoted? When Google is the one controlling the views of billions of desktop, how do you think your company, who is a direct competitor, is actually going to fare regarding promotion when Google controls the view and, unchecked, will also stop you from being noticed at all?"

Even when you AREN'T a competitor to Google this is a problem. The already established site is who Google's going to rank higher simply because it's more likely that's what people are looking for. What do you purpose, have Google list in reverse order of relevancy?

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

Oninoshiko

Re: "Enterprise ready"

I'm glad I wasn't the only one to see this problem.

Guess I'll be uninstalling chrome. (which is unfortunate. It works fairly well)

Adobe, Level 3 drive a stake through heart of vid-stream creature before it attacks again

Oninoshiko

Re: It's great that the USPTO is finally getting on the job...

Invaliding a patent is one thing, but I'll believe they are actually doing their job when I see them start rejecting this garbage to begain with!

NSA: 'Back doors are a bad idea, give us a FRONT door key'

Oninoshiko
Facepalm

Re: I get it, but

"I agree they need scrutiny by an independent organisation, but I trust the people working in these agencies more than I trust the politicians in charge.."

Then you're an idiot. They've been caught, numerous times, spying on people because they have a nice set of tits.

Videogame publishers to fans: Oi, stop resurrecting our dead titles online

Oninoshiko
Trollface

Re: very fair and balanced

elReg takes the piss out of everybody. If you want "fair and balanced" go to foxnews.com.

China weaponizes its Great Firewall into the GREAT FIRE CANNON, menaces entire globe

Oninoshiko

Re: So, what now?

One better. have the DNS servers start returning NXDOMAIN, or a link to an explanation of the problem, not just for the analytics domain, for all of Baidu.