Posts by Charles 9

Re: Damage is done

"Maybe not an "appreciable migration", but there is a continuous trickle, and a slow bleed in the right place can be as bad as an open wound."

You're lucky. Many other businesses are locked in to Windows, not because of Microsoft itself but because their critical, irreplaceable, custom application was built exclusively for Windows by a company that probably went out of business and has no direct replacement; either that or getting a new version would kill the business faster than a crash would.

Re: Damage is done

"I certainly hope Linux will take some serious market share away from MS and if some serious AAA Vulkan games in Linux could be released then who knows !"

Good Luck. Bethesda (makers of one of the recent AAA's, Fallout 4) went on record swearing off Linux as too difficult to develop because it doesn't have a united user front (IOW, will be Red Hat or Ubuntu or whatever). Not even Valve's SteamOS is making any headway, and for whatever reason WINE (even a self-contained type a la DOOM using DOSBox) isn't even being considered.

Re: <gets popcorn>

Cutting edge games are among the most difficult to get through WINE, and you can probably forget about DX12 games working on them. As for a VM, that incurs serious performance penalties, not to mention, again, the newer a game is, the less likely it is to be VM-friendly due to the need to get closer to the GPU's metal.

Re: <gets popcorn>

But too many apps are Windows ONLY, to say nothing of games...

Re: So..

Lower risk, yes, but higher reward as well, so there will be blokes out there trying to escape the honeypots.

Re: So..

But each program you're forced to add in raises the threat envelope, because each app could itself become a vector, raising the chance the VM can jump the tracks and get pwned in a way the researcher doesn't detect, even to the point of possible hyperjacking (Red Pill attack).

Re: Hide, hide, hide ...

And that's only because the malware doesn't have a Red Pill payload: one specifically designed to be run in a VM to break out and attack the hypervisor...

Re: I don't see how that would work

The general understanding (supported by SCOTUS decisions) is that the primary condition is that citizenship was granted upon birth. This also implies that no procedure was taken to affirm this (no oath taken like in Naturalization). This happens to be consistent with English Law prior to the US's independence. Only jus soli is explicitly mentioned in the Constitution via the 14th Amendment (and reinforced in US v. Wong Kim Ark, 1898). Since jus sanguinis is neither allowed nor disallowed, under Article I, Section 8, it's left to Congress to clarify, which is does with the Immigration and Nationality Acts, amended over the years (and no document other than the Constitution itself can make the call for them, as Article VI explicitly states the Constitution stands alone as ultimate authority in the US).

Re: I'm confused...

"Until you manage to clear out all of the lobbyists, power-brokers, and pork-barrelling that is so prevalent in the US political scene, I think you should avoid calling other institutions "corrupt"."

And that'll never happen.

1) It's impossible to remove lobbyists completely. Even if you take the money angle out, there's still the "nice cushy job after you leave" angle as well as other, non-monetary, post-position influences that are pretty much protected on First Amendment grounds, as well as influence from actual constituents who can't be blocked without interfering with their primary duties. Finally, there's the family angle. How do you block lobbyists if they're spouses, who MUST be able to talk in order to raise their families?

2) Politics is a power magnet; it simply comes with the territory. And as long as there's power, there WILL be power brokers due to the human condition.

3) As for pork-barrelling, recent Congressional experience has demonstrated it to be a necessary evil. Part of the reason for the "Do Nothing" Congress' reputation is that they voluntarily limited themselves in the name of ethics but found their hands tied when it came to big bills. Smaller representatives basically have nothing to lose with voting against the grain because the communities they represent are too insular for greater politics to affect them. You need something close to home to sway them, and that means give-and-take, and the only things that will influence them enough is pork-barrel projects. In other words, pork is pretty much the only thing that can "grease" smaller representatives into getting on board broader projects that need their vote to pass.

So in the end, if you want a better government, you're going to need a better HUMAN first.

Re: The irony

"I've commented in the other thread about the fact that those most critical of ICANN have vested interests. Most people who've actually dealt with ICANN are perfectly happy, except for people whose particular get-rich-quick-with-DNS scheme was knocked back."

ORLY?

But the incumbent can influence things to squelch challengers. Plus, the idea is that it shouldn't come to re-election. Politicians should be held to extremely high standards of ethics and conduct. For example, not being allowed to lie would be a nice start.

Re: Wait.. What?!

Hmm, considering that these pipes would have to accommodate some 350 million people, then these look about right.

Re: I want to get WORMs when my spinning disks die.

High bit-per-cell drives are meant for WORM-like usage: call it WIRE usage: write infrequently, read extensively. You still need to worry about bit rot (provision error codes or similar) and controller failure (sudden catastrophic filure, have a duplicate)

Re: Live Linux?

"Raspberry Pi running from write-protected SD-card."

Known hardware. Would probably find a way to pwn the SoC and find firmware to overwrite from there. Plus there's no guarantee the evil device doesn't include an internal whispernet adapter that means it can link up simply by plugging in.

Re: What size?

"A really malicious device subverts the BIOS. So do the initial usb wipe on a machine you can afford to lose. And then wipe your BIOS."

Unless, of course, BadUSB prevents you from doing so. Plus if it manages to get onto a system and find a way to root it or whatever, it may go on to silently infect other firmware it could find (like drive controllers) and infect them one-way, to the point not even nuking from orbit can be sure.

Re: The urge to execute arbitrary code is growing stronger...

So what are you going to do? Go back to the Sears catalog? Oh, that's right. The State is now savvy enough to pose as Sears. Back to horse and manure piles and life expectancies under 60?

Re: Missed by this much!

Still, you have to wonder if trying this surface wave thing at the GHz range can cause resonance or other interference to filter back down into the MHz range. El Reg, after all, is full of complaints by amateur radio operators after earlier BPL attempts were introduced, and many of them weren't even that close to the units in use.

Re: NAT and firewalling and stuff

OK, since you spoke so politely.

1. For NAT to perform two-way communications, it can do one of two things:

(a) the inside computer can initiate a connection to the outside. The NAT records this and maintains the relationship for as long as the connection is open. Once it closes, the relationship is removed. Now, this usually only works for stateful TCP-based connections (UDP doesn't work this way so requires something cleverer to deal with it) and only if the connection is initiated from the inside. Now, it works most of the time because most connections on the Internet are TCP-based and from the inside.

(b) A skilled user can tell the NAT to forward certain classes of incoming connections (like specific ports) to specific machines. This is the usual means for a home user to expose a server or similar thing (like a P2P unit) to the outside. Otherwise, the server has to rely on outside help, making a bridging connection to some point on the outside.

2. Going back to 1(a), since HTTP, POP3, etc. are all TCP-based (stateful) and initiated from the inside, NAT can maintain these connections.

3. Gamers have one of two options. They can either open ports (solution 2) or use solution 1 to establish a bridge connection to a point outside. Your friends link up there and the system then passes the connections along.

One of the arguments for using NAT is that it's a different kind of firewall operation: furthermore, it's one that (by design) has to block incoming connections by default, providing a line against automated attacks (targeted attacks can get around this by exploiting already-opened connections the way web exploits work). The counterargument is that in IPv6, this is little more or less than another firewall, and you can achieve the same function with a second (or better) firewall.

Furthermore, it's not NAT in general that's being frowned upon: it's one-to-many NAT they don't want (because the spirit of the Internet is that any connected device should be reachable by any other device if it wishes to). Especially at the ISP/carrier level, this makes many endpoint invisible by force. They have no problem at all with one-to-one NAT, and indeed many techniques brought forth to mask a subnet's map rely on things that are essentially one-to-one NAT. It's like with the UNIX philosophy: one fundamental assumption is that policing should be a program's (or in this case, device's) own responsibility. Trouble is, reality intrudes and you find misbehaving UNIX programs and badly-configured endpoint devices, so the NAT proponents at least have a point. What some are wondering, though, is if the "automatic" shielding can't be achieved simply by offering a firewall with something like a "drop incoming by default, allow outgoing by default" ruleset.

Re: Work of the Devil, etc...

"So we can internet enable ebvery grain of sand, which is good because connectivity internetofthings future"

It's basically a way to ensure we don't run out again, much like how ZFS uses 128-bit provisioning to ensure filesystem limitations are never reached in real life (and before you quote 640K, physical limits would be hit first).

Re: What's worrying is that it's a Tesla

Corporations aren't afraid of no liability. That's why they're structured the way they are: to assure scapegoats. That's why executives NEVER go to jail unless it's for a PERSONAL crime.

PS. Don't forget radio jammers are illegal under the Telecommunications Act AND they're easy to detect. And the only legal alternative, shunting, has two strikes against it in a car: windows and lack of a ground.

And how much longer do you think it'll be considered street legal?

Re: There is no fix for this

Then we're all lost because the two MUST be linked in some way, hands-free, in case of emergency a la OnStar. It'll become mandatory soon enough to save lives.

Re: What's worrying is that it's a Tesla

So what happens WHEN (not IF) it becomes required by law?

Re: Another reason to remove/block the cellular modem in any car you buy

And if EVERYONE is FORCED to sell nothing but by law and your old car's days get numbered? Do you give up or stop driving?

I know for a fact at least one class of business MFP laser printers sold by Dell (333x series) are Lexmarks (Dell 3335dn = Lexmark X460).