What about liquid water?
87 posts • joined 10 Nov 2008
For a small business you can get away without infosec for, on average, a long time before it bites you. If you pay for it when your competitors aren't then you won't be as competitive as they are. Maybe the rise and rise of ransomware will have at least one up-side: disastrous compromises will become so common that, finally, most people will take infosec seriously.
Please Mozilla, make this an opt-in feature per site. Last time I wanted to try a Java applet on an ancient site I had to fire up IE because Java is apparently so bad that Firefox absolutely refused to run it. What makes them think web assembly will be any safer? Remember how secure Java was touted as being in the beginning, but the applet vulnerabilities just kept rolling in until it was worse than Flash.
20-metre towers? I thought 5G implied many small transceivers rather than the big towers used by previous generations. Like 5G was going to be small antennas bolted to every tenth power pole. Part of its advantage is supposed to be that each cell is very small and so only has to serve a small number of customers. I can understand people being unhappy about the need for new 20-metre towers on the basis of visual clutter, especially if there are going to be many of them.
I bet if they’d run it on a PowerPC based architecture they’d get different results again; different FPU, probably different arithmetic shortcuts
This is an OS issue, not a processor issue, and it's around the way filenames are sorted by default and nothing to do with floating point maths.
It's going to be very tempting for Google to try to kill off Firefox. At some point they'll decide that the search referrals they're paying for from the <5% browsing share Firefox has are worth less than the advertising losses due to ad blockers. The interesting thing will be to see whether Google's API changes dent the usage of Chrome due to its ad blocking becoming less effective. Ad blocker usage is well over 10% according to some stats and I'm sure Mozilla would love to grab some of those people if they abandon Chrome.
Therefore however the IP address is obtained (DNS, local hosts file) then the TCP/IP packet will have the IP in it as the destination, and the encapsulated HTTP packet will have a, literally, "Host:" header in it that contains the hostname (as opposed to IP address) in it.
If you type "http://220.127.116.11/" into your browser as Pascal suggests then it's going to send "host: 18.104.22.168". Anything else would break web sites that want to allow access to different content by IP number. The browser's not going to do a reverse DNS lookup and, even if it did, that would ruin the privacy that Pascal was trying to achieve. He didn't mention editing the hosts file; he just said "type in the IP address". Be aware that some browsers—at least Chrome—do their own DNS thing and mostly ignore the hosts file.
Your plan will almost never work. Let us count the ways ...
* Many web sites share an IP number amongst more than one web site, e.g., example.com and example.co.uk could be different sites both served by a server at 22.214.171.124. If you access the server using its number it won't know which site you want.
* Especially since we're talking privacy here, the sites will use HTTPS, requiring a cert for the address visited. The server will have a cert for the various DNS names it hosts but almost never will it have a cert for its IP number. So accesses using your technique will be totally insecure and vulnerable to interception and rewriting.
* Even if there was only a single web site on an IP number, the server will want to appear on the web as a single site. Not only does this simplify configuration and management, it avoids diluting the site's web presence across what search engines consider different sites. So requests to example.co.uk, www.example.co.uk and 126.96.36.199 will all be instantly directed to the site's preferred domain. This will cause a DNS lookup even if you typed 188.8.131.52.
* It can actually be difficult to configure web servers to respond identically to queries that use different names. Even if the server allows you to access content without redirection at both example.co.uk and 184.108.40.206, the content you see will often vary.
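The behaviour listed in the post above can be modelled offline. This is an added example, not part of the original post: the address 192.0.2.10, the virtual-host table, the certificate names and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed configuration: two sites sharing one server address.
# Keys are each site's preferred (canonical) name, values are its aliases.
VHOSTS = {
    "www.example.com": {"example.com"},
    "www.example.co.uk": {"example.co.uk"},
}
# Constructed certificate: DNS names only, no iPAddress entries (the usual case).
CERT_SANS = {
    "dns": ["example.com", "*.example.com", "example.co.uk", "*.example.co.uk"],
    "ip": [],
}


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def cert_matches(host, sans):
    """TLS name check: an IP literal can only match an iPAddress SAN."""
    host = host.lower()
    if is_ip_literal(host):
        return host in sans["ip"]
    for pattern in sans["dns"]:
        if pattern.startswith("*."):
            # A wildcard covers exactly one left-most label.
            head, _, tail = host.partition(".")
            if head and tail == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False


def route(host_header, vhosts, default_site):
    """Pick a site from the Host header (no port); return (status, target)."""
    host = host_header.lower()
    for canonical, aliases in vhosts.items():
        if host == canonical:
            return 200, canonical
        if host in aliases:
            return 301, f"https://{canonical}/"
    # Bare IP or unknown name: the server cannot tell which site was meant,
    # so it redirects to a hostname, which the client must then resolve.
    return 301, f"https://{default_site}/"
```

A request addressed to the bare IP fails the certificate check and is redirected to a hostname, so the DNS lookup happens anyway.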
The problem is that the tractor detects that you’ve installed a new part and refuses to run at all until it’s blessed using equipment only possessed by authorised repair staff. It’s similar to ink jet printers refusing to use third-party cartridges because they lack some proprietary chip that marks them as authentic.
the state's higher court unanimously decided that there wasn't a difference and the cops could force a suspected pimp to unlock his phone by typing in the passcode
I can see how cops could physically force someone to swipe their fingerprints, though a determined suspect could make this quite difficult, with a serious risk of damaging the device. But there’s no way to force someone to enter a password, whatever a court may rule. You can coerce them with threats of fines and imprisonment, but you can’t actually compel compliance. That’s an advantage passwords have over biometrics.
is a pain for non-corporate use. You really need to buy two or three keys to deal with one being lost, stolen or failing. It's better for companies but I'm sure they're still not looking forward to their staff being forced to physically visit the helpdesk instead of just resetting their passwords over the phone. Of course, all those over-the-phone resets are a major attack vector which they should be closing anyway. Security costs money!
Are you expecting us to be at war with the USA any time soon?
The issue is not being at war with the US but being at war with someone with whom the US doesn't want you to be at war. Remember the Suez Crisis or, more recently, if the US was feeling more pro-Argentina and less pro-UK than in the 80s. Having Galileo means there's one less rug the US can threaten to pull out from under the EU in the future.
I don't really understand your objection.
Yes, the GST is great, etc., etc. What we're complaining about here is that Amazon appears to be refusing to collect Australian GST on the huge range of products in their overseas stores; instead, they're outright refusing to ship these to Australian customers. We can't get them even if we were willing to pay the extra ten per cent or, indeed, for any price through Amazon. It seems that Amazon is trying to aggravate Australian customers to spite our federal government.
Still, I'm not completely sure that the gloom and doom is all justified. The wording suggests that at least some of the products from international stores will be available via the Australian Amazon site somehow.
"You host anything, with a US based company, regardless of where the physical iron sits, Uncle Sam can Go Shoulder deep into your data and pull anything out he wants."
Bad news for you: it's not limited to US-based companies. Say you're a UK university with a small presence in the US for the purposes of purchasing, marketing, etc. What's to stop the US subpoenaing data held on a UK campus? You probably don't want to end up in a situation where university employees can't travel to the US.
"Copyright infringement is a crime. It isn't stealing, but it is still criminal."
Nope. It varies by jurisdiction but commonly you have to be profiting from your copyright infringement for it to be a criminal act. Using a Getty image for your school assignment isn't going to result in any criminal penalty, even if you use the high resolution versions.
'Quad9 won't “store, correlate, or otherwise leverage” personal information.'
And if the above is a lie our legal recourse is what? It's a free service so no contract exists. And I assume it's legal for police in the UK to lie to encourage people to incriminate themselves, the same as elsewhere in the world. I think there's going to be a large overlap between the likely users of such a service and the tinfoil hat brigade who won't be touching it with a barge pole.
How do you know the NDA isn't itself protected by copyright, or have you seen it, in which case, why not post a copy? There's a good chance that DJI only sends out the NDA to people who apply and there's nothing to stop them controlling distribution using copyright law.
The 4.7.7 update is just exactly the same patch as the 4.8.3 patch. WordPress appears to apply security patches to older versions going back a long way, which is nice. Updating from a 4.7 to a 4.8 release is not necessary for security reasons and will probably change the way your site looks, or even break it if you use customisations or plug-ins.
Best practice would be to have a test site to try any upgrade first, before upgrading your production site. I usually just risk it and allow auto-updates for patches that only increment the third part of the version number but changes in the second number are too dangerous to skip testing if your site is commercial.
The heads can read a narrow track but only write a broad track. So the writing partly overlaps within a "zone". Reading is as before but, if you want to write a track, you have to write all the overlapping tracks.
Obviously, don't use these in a write-intensive and/or random-IO environment. They're ideal for things like streaming video where it's almost all read-only, and the writes are huge files, i.e., mostly sequential.
I'm pretty sure that if the bank made a mistake whereby it lost $1T of funds it would be on the hook and the old "computer error" defence would not stop them being bankrupted. Also, I'd be very surprised if AUSTRAC needs to demonstrate criminal intent to nail the bank; incompetence alone should be enough.
Remember when they had stuff they really didn't want you to photocopy they'd print it in black on red or something? Because colour copiers and even scanners were not generally available. This 3D printing DRM seems about as stupid as that. It may annoy a few people at home trying to make a copy or two for their own use. It will have zero impact on the serious counterfeiters who know what they're doing and who will trivially work around this.
More to the point, as far as I can see the wide availability of cheap photocopiers has still not killed off the printing industry; ebooks are having more of an impact. The nearest equivalent for toys I can think of is VR headsets so maybe Disney should be concentrating on VR games featuring their characters. Kingdom Hearts III VR anyone?
"Anti-slavery legislation might trum [sic] warrant. It could be an interesting situation."
Anti-slavery legislation is just legislation, open to being overridden by subsequent legislation. We're not talking about the US where they have an anti-slavery clause in their constitution which will trump (with a small "t") any legislation.
"I expect to see a lot of researchers putting up warrant canaries if this ever happens."
This is not a problem for the government. Australia has already outlawed warrant canaries for some situations. If your legal system allows the government to outlaw revealing the existence of warrants then outlawing the revealing of the non-existence of warrants is but a short step.
"And what happens if they are asked a direct question about vulnerabilities? Are they legally required to lie? Even knowing that people will suffer loss due to their false reassurance?"
You don't have to lie; "I can't answer that for legal reasons" would probably be a legal response. If further asked what those legal reasons were then "I can't answer that for legal reasons" is, again, going to get the job done. It's going to convey much the same kind of impression as the phrase "helping the police with their enquiries".
Updating the software won't help. Decoding H.264 in software for even Full HD content, much less 4K, will be beyond the ability of any Android CPU. Going up to H.265 (HEVC) will be worse. Unless the graphics chip can provide hardware acceleration for a new codec (not going to happen) then you can forget decoding on that system. The sad reality is that forwards compatibility isn't worth attempting.
The move to increase the bit-depth (per channel) to 10 in the 4K H.265 standard is another example of why forwards compatibility won't work. Even if the processing unit could decode the video, there would be no way to display the 10-bit colour-depth on an old 8-bit display.
If the Dutch get too out of hand after sailing from Vlissingen, seems like an appropriate response would be some kind of return visit a few weeks later to celebrate the 208th anniversary of the bombardment and capture of the French port of Flushing. Surely they've got the mosquitoes under control there by now.
"both depend heavily for their traffic on showbiz trivia"
Wikipedia lives on donations, not advertising; therefore they don't depend on page views for cash. I'm going to go out on a limb and suggest that their donations are not predominantly coming from people interested in "showbiz trivia".
It doesn't seem likely that these criminals are cretins; I doubt they'd spend their time with ransomware if it wasn't turning a profit. Some people must be paying up. Even if none of the NHS trusts are paying up, this just means that the evil ones could improve their targeting, assuming they have any, but it doesn't make them cretins.
The talk of notices and counter-notices does sound like the DMCA is being used but this is claimed to be a trademark issue. My understanding is that the DMCA is for copyright only and not for other forms of intellectual property. As noted "Winter is Coming" is way too short to qualify for copyright protection.
Yes, apparently all the "Big 4" Australian banks decided just a few months ago that anything looking like an international transaction, even if entirely involving Australian dollars, was worthy of a full 3% bank fee. Any clues on avoiding this rip-off would be appreciated. Apparently some "platinum" credit cards are immune but gold and below are fair game :-(. It's particularly annoying because it's impossible to tell in advance whether international vendors like Adobe will generate the charge or not.
Could this be some kind of attack of the bean counters? Maybe their SMS gateway costs them more to send messages overseas. Also, they (and other sites that do 2FA via SMS) seem to have some kind of priority deal since the SMSes always arrive very promptly. I wouldn't be surprised if message validity expires before they are delivered overseas in some cases. Still, it's a stupid move to rate convenience over security.
'nor will those who publish crypto software, with the exception of when the technology applies to "weapons of mass destruction" '
How can cryptography apply specifically to weapons of mass destruction? If I publish general-purpose cryptographic software and a third party uses it to massively destroy stuff, am I on the hook? If not, what's the point of trying to control this stuff? If so, Defence's "not punitive" claims aren't very credible.