Posts by Fred Flintstone

Re: Hmm. You never......

"This isnt even remotely causing MS to panic"

You are starting to sound like a set of "Monty Python" sketches - "The Spanish Inquisition" or "The Black Knight" maybe

Definitely the Black "it's merely a flesh wound" Knight :)

Not zealots - hard core business realists

I rather object to the repeated use of the word "zealots" in the article, which seems to suggest the author has a bias.

IMHO, choosing proper open formats has got ZERO to do with religion or beliefs, but everything with realistic value assessment.

At the simplest level, it's a single source monopoly versus a diversified market - which option has the best impact on costs? At a political level, there is the question if handing off money to a foreign entity instead of fostering local spend is not worth reconsidering. At a standards level, do you really trust a standard which is not even that well controlled by the people who WROTE it, or do you use one which has been a well evaluated standard at EU level, one that was arrived at through proper consensus (instead of bribing the voting system) and which incorporates the needs of all, not just a prescribed set of features dreamt up by an entity that's not even paying tax here?

And finally, the ILoveYou virus already showed the danger of a monoculture, and there is really only one standard that works reliably and renders relatively true on ALL platforms instead of the selected few. Hint: it's NOT OOXML. Heck, I can't think of anything LESS deserving the moniker "Open" - it's a travesty.

Re: Mental exercise

Couldn't you just get Macs and spend more time with friends, family and loved ones?

It's a home situation, and given the budget sensitivity I suspect there is no appreciation of long term costs (which is where Macs have real advantages). In addition, it means learning a new platform which is not everyone's cup of tea - many are scared of the new, and I must admit I wouldn't have switched either if I hadn't bought a Mac for research (it wasn't originally my intention to switch, but it took less than a month to realise OSX was -for my needs- the perfect platform).

In addition, it's not just desk/laptops they're trying to secure. In my opinion, he's actually identified an unaddressed market, it IS difficult.

Back to theme: I also recommend looking at Prey. I like how it works, even though they have to sometimes fight the OS to make it happen.

Re: Two words

Except that "Free" is an serious piece of misdirection that should not be allowed under advertising rules. If it was truly free you would not have to pay for it with personal data.

Let me quote you an example, directly from The Cloud:

"Your use of the Services is reliant on you providing us with authorisation for the use of your information as set out in this notice. If you withdraw your authorisation, from us at any time, we will remove access to the Service until you refresh your consent.

Any choices you make will be held separately from any marketing preferences you may have given to Sky and any of its Affiliates.

Well spotted if you missed something in there: you may be able to opt out of some marketing, but not from all of it. To me, this makes all the statements about it being "free" quite simply lies.

Your personal data has value, so be careful with it using it as a currency to pay for "free" services. If the data leaks, you will pay forever because you cannot change who you are.

Re: Of course your phone app is secure

I wouldn't trust my Bank to code its way out of a paper bag

Ah, the benefit of age - I recall a very good Usenet quote about this:

I work for an investment bank. I have dealt with code written by stock

-- Matthew Crosby

Amen to that :)

I cant see much of a problem with this sort of thing.

Until a couple of them collide, come out of the sky and spent the last bit of their kinetic energy making a nice dent in a roof or, worse, in a person (this won't just be used on the road). Or when the first people get convicted for invasion of privacy without the defence and lawyer budget of being police or a journalist. Or when Johnny End User forgets that batteries have a limited lifetime, or when the OS crashes and it bricks in mid air. Or ..

I can see *loads* of trouble ahead, but also a new market in drone jammers :).

Re: always amazes me

Its a bit like the USB charging ports in Heathrow Terminal 5, now thats an attack vector that just keeps on giving to the security services.

Ah, you mean the Sony charging towers - they're everywhere now. IMHO a VERY clever information acquisition ruse - I must rig up a phone one day to detect the connections it experiences whilst hooked up.

Re: pip pip pip pip...

when the pips sound, you have to put more money in

Or bluebox it? Been a while, sorry :)

Re: The Lawyer from Lima

Did you also spot that this good man was already talking about untrustworthy code in those days?

To guarantee national security or the security of the State, it is indispensable to be able to rely on systems without elements which allow control from a distance or the undesired transmission of information to third parties. Systems with source code freely accessible to the public are required to allow their inspection by the State itself, by the citizens, and by a large number of independent experts throughout the world. Our proposal brings further security, since the knowledge of the source code will eliminate the growing number of programs with *spy code*.

A very stylish, elegant and pretty lethal put-down.

Re: Cawing of the Vultures heard by more IT pros than ever before

First off, hat off yet again to El Reg.

As for commentards, I sensed more a dip in S/N ratio. Now that some of the N has gone, S has improved so cheers all around!

Re: WBAGNFARB

Ah, methinks I've found another Dave Barry fan :)

Re: Not sure if I trust this....

Do something simple: look up the MX record (mail exchange) so you know which server handles their email, then run a geo location on it.

; <<>> DiG 9.8.3-P1 <<>> blackphone.ch mx

;; ANSWER SECTION:

blackphone.ch. 600 IN MX 10 mail.blackphone.ch.

As with Silent Circle, you'll end up in the US. Game over. If a company cannot be bothered to take care of its client's privacy in EVERY detail, I'm not interested, and I predicted the manner of closing of Silent Circle before they even went live: US law.

It may be good technology they're developing, but as long as there is even a whiff of US involvement around this it's worth avoiding. All you'll do is mark yourself as a target.

Partially yes but mainly because for the first 100 -150 years of the US they completely ignored foreign patents and copyrights

.. which is a point that Cory Doctorow has made repeatedly, making the vast patent and copyright industry that exists now (and their whinging at China for principally doing the same) and all the associated chicanery in law and international politics just a tad hypocritical IMHO.

BTW, I second the general upvote of the article - it was interesting, informative and insightful.

Meh - you'll have to get them to fly first..

Re: Definition required

The internet does not force you to do anything that you don't want to do. If you want privacy; don't do anything in public. The internet is after all very much a public affair..

It's not that easy. Most adults without a tech background have no idea just how much data they hand over when using online resources, and the sole aim of the likes of FB and derivatives appears to be to goad our kids into an online life before they are old enough to realise the damage that can cause to their lives.

We have to be a bit more intelligent here. What was subverted (random generator) was already flagged as a bad apple a couple of years back, and discarded for serious use. What we learned now is that that lack of quality was no accident which creates integrity questions for the company in question, but it does validate the idea of publicly exposed crypto that needs nothing but follow Kerckhoff's principle.

In this context hides a bit of irony: AES256 itself is pretty much OK, possible because it wasn't actually "A" to start with, but Belgian (it was originally called Rijndaal). :)

instead of shovelling coal on the flames

Good heavens, Trevor, are you ill? :) :)

Happy holidays everyone. I hope you all have a great time.

Same here. Ho ho ho :)

The ICO is a joke.

Not quite, but they can only exercise the powers they have. If law makers decide to neuter their effectiveness by denying them the tools and fines they need to be effective, you cannot blame the ICO for that. As organisations go, I have actually found them refreshingly accessible.

And it only cost them ~ €30 million more than upgrading to a current version of Windows

Yup. Once. And it's worth every penny, sorry cent for them because what they will NOT pay for is:

- the resources to keep it all working (aka the daily reboot)

- the massive resources to stay patched and current (aka the Tuesday network stop)

- the license surveillance costs (aka the FAST protection racket)

- the costs of letting people work from home - as there are no real barriers to let people copy this

- any further costs of expanding this idea across THE WHOLE OF GERMANY

Oh, yes, I suspect the MS marketing machine must be gearing up for total warfare. This is going to cost them, big time. Once this story hits the FT, company bosses with a clue will want to know why they are blowing so much money on MS. Fortunately for MS, those bosses are still relatively rare.

Didn't happen here. I bought one because I need to test things work on an iPad too, and although I found it useful for quickly sketching ideas, to me it's more about consuming content than creating so the laptop is certainly not threatened. It's a good tool to create a platform for a sales person to take an order. It can present, and it has enough input to take small amounts of data but the relation is asymmetric - LOTS more data is presented than is accepted, and that works.

I think this is key to the debate: we're debating a universal statement whereas its validity really depends on your use.

what the fuck is a 'co-traveller'?

Lice? We ARE talking about bugs, after all.

Re: Bandwidth?

It's not just bandwidth - it's also about

1 - remaining audibly undetected.

2 - being able to RELIABLY receive that data (remember, adding an ACK in this process will cut your available bandwidth again).

3 - being able to discriminate the relevant sounds from all the environmental noise.

4 - do this in code that remains undetected in size and resource drain

5 - being able to infect another machine from cold with this.

Sorry, I'm not buying it. I didn't the first time, and I don't buy this one either. Not even in a (vewwy, vewwy quiet) lab.

Re: Low power PC

It depends a bit on what you need. With the "everything in a box" approach you buy the box, two disks and a short while later you have a NAS with options (looked at the DLink - cheaper but not having the features I need). Even people who are not that versed in IT will get this to work, and I'm all for anything that promotes people making backups.

OTOH, if your needs are more complex, there is indeed tech enough to make that happen but that's for a different, tech-savvy audience. A friend of mine built a setup which is NAS + VM server - that is simply a different proposition (but so cool that I'll probably go that way too, provided I can keep the noise down).

Re: iptables is your friend

Gordan, I like this one. Goes in my list :)

Re: Tin-foil hat time...

I'm sure you're right, but what I really read in that message is "don't use the Adobe Reader". :)

Re: No Combustion Involved

Frankly, I think he should be glad he wasn't smoking at the time..

Re: The CLOUD!

I like this explanation :).

I should give them a call..

.. to enquire what anti-virus product they use themselves.

Re: Cheap at twice the price

> prices of up to £800 an hour, which would seem expensive

Isn't that why MPs have expenses?

Yes. At the established value of £1645 (thank you, parliamentary enquiry), this comes in as a shade under half a duck house.

Personally I think the first company that brings out a device with a keyboard like the BB of old will make a killing, regardless of OS. I know people that seem to be able to type War & Peace on that keyboard.

I was more thinking of pong - just for the contrast :)

Re: How do 'high-altitude balloons' and WiFi/ISM ...

the Google balloon will need to be very high or otherwise linked into a mesh

I was just thinking the same. If they don't set this up into some sort of MANET mesh this is unlikely to be very resilient.

Re: all your base belong us

No, given the logic by which these agencies work I suspect it will end up with a ban on the use of Powerpoint :)

Re: Walking VS Standing

I'm more looking at this from a BOFH angle - it's got great potential :)

Re: it's Washington Uni, not Washing ...

Also, IT angle? :)

Hotspots? :p

Re: I recall the 90's

Quite correct - OS-X is already on over 2,000 security vulnerabilities - versus Microsoft's worst ever OS - XP - on about 600....Ditto Linux distributions - e.g. SUSE 10 - over 3,800 vulnerabilities. IOS has had over 400 security vulnerabilities to date. But all of these never really hit high market share percentages.

You know that the "k" behind the 600 has a meaning too, don't you?

How many single points of failure does your economy need?

The problems with the cloud summarised in one sentence - epic :)