But none nearly so scare as a phone compromised pre-manufacture.
Posts by Charles 9
16605 publicly visible posts • joined 10 Jun 2009
Page:
- ← Prev
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- 259
- 260
- 261
- 262
- 263
- 264
- 265
- 266
- 267
- 268
- 269
- 270
- 271
- 272
- 273
- 274
- 275
- 276
- 277
- 278
- 279
- 280
- 281
- 282
- 283
- 284
- 285
- 286
- 287
- 288
- 289
- 290
- 291
- 292
- 293
- 294
- 295
- 296
- 297
- 298
- 299
- 300
- 301
- 302
- 303
- 304
- 305
- 306
- 307
- 308
- 309
- 310
- 311
- 312
- 313
- 314
- 315
- 316
- 317
- 318
- 319
- 320
- 321
- 322
- 323
- 324
- 325
- 326
- 327
- 328
- 329
- 330
- 331
- 332
- 333
- Next →
Chinese mobe market suffers pre-pwned Android pandemic
At LAST: RC4 gets the stake through the heart
Microsoft backports data slurp to Windows 7 and 8 via patches
Re: Hard-coded?
"I have client data on my machines. I have a responsibility, defined in NZ law and other places as well as a simple reasonable expectation by my clients to do the best I can to protect their data. Now I have to wonder how much extra work I should be doing - whereas I would often let them do updates in the past (sometimes a great way to fix corrupted files where all else fails) now I have to think a lot more about those updates and whether or not they could constitute a breach in privacy. And I have to make sure my co-workers are aware of the same issue. Do we risk a privacy lawsuit by allowing updates to run on a machine while it's in our possession?"
Do you risk a privacy lawsuit by NOT allowing updates to run and leaving a hole open by which a hacker can invade your system and pilfer your client files? Sounds like pick your poison to me, especially if the software required for your business can't be run on anything but Windows.
Re: But you never do.....
"Now you may get something come up to say that there are "restricted drivers" available for your machine. These are often from NVIDIA, and are still easily installed - just for some reason they can't be automatically installed (I've not cared enough to look further into this, I just know message comes up, I click "install the driver" and it's done). That may need a restart (seldom), so if you've used a USB it should be able to load the new drivers, if not or on DVD don't bother."
The main reason is because they're non-free and have strings attached. I think the condition is they have to be explicitly permitted by root in order to be legal, plus non-free stuff in a distro is frowned upon as it goes against the Linux copyleft philosophy.
"As to the programs, that's another issue. I've found many install quite well on WINE, and there's the likes of Play On Linux and other tools to get things going that don't. I cannot recall it atm but there's other WINE-like systems out there, one maybe named "Cross Over" (can another commentard help here please?) - try them and if they work you're done with MS, enjoy a life of peace and running machines rather than stress, multi-hour multi-gig updates (with 10billion restarts) just to make a few bytes of change to a friggin web browser!), and lots of breakage."
CrossOver is simply an advanced, supported implementation of WINE. That said, the newer the software (particularly games), the less likely it'll run via WINE. In particular, support for Direct X 10 and up is known to be flaky. Plus I've personally had issues with graphics support on Linux, running afoul of multiple X crashes and kernel panics.
Re: Charles 9
"Actually, speaking from significant hours of gaming (I need a 48" monitor now just so I can see it past my gut!), DirectX is the lower-performing graphics system in many cases. Certainly when I've compared games between Windows and running them on WINE, they tend to play a lot better on WINE on the same hardware. This isn't always the case, but then I haven't really tried for a while either so WINE could be much better today, and of course there's various other tools to make it easier to use."
If they're running faster on WINE, odds are it's because the WINE run is using less-intensive graphics settings than Windows. For example, support for DirectX 10 and up is known to be flaky with WINE, so to turn the phrase, "Can WINE run Crysis?" Answer: "Yes, but not as well as on Windows."
As for my personal experience, I used to play TF2 a lot, and I personally noted the Linux port was somewhat slower and flakier than the Windows version. Also, despite owning a pretty recent AMD graphics card, support could get flaky, and I've more than once had spontaneous X crashes and even panics, no matter what version of driver I used. So let's just say I've been around the block more than once, and each time left me wanting. This whole spyware bit has put me in a very uncomfortable position since I want to jump but risk losing too much. I'd be more inclined if Valve could push to increase Linux compatibility, but until then...
Re: Charles 9
Kinda late for that, don't you think? I've stopped buying games altogether yet I still have the issue of my existing library. And 20% doesn't even cover a fair chunk of my library. Come back when it's closer to 90% so I don't have to leave the vast majority of my game behind. And the games that tend to run on WINE tend to be older ones, not the cutting edge (which will soon include DX12 games with their close-to-metal coding).
Re: Escalate beyond the hosts file?
Plus the IPs they resolve to are the same ones that host most Microsoft-based services. Meaning you can't block it without collateral damage.
Can anyone see if Windows Update is among those services, meaning blocking the IP also blocks future security updates, meaning you're pwned either way?
Probably hard-coded into the kernel, which is of course below the network driver which is below the TCP/IP stack. Thus why you have to block it outside the PC, thus why they use the same IP as assorted other services, thus why you can't block it without collateral damage, thus why serious gamers are pretty much stuck since there's no real alternative to Windows there.
Re: No block through windows
It's pretty simple, really, and one I'm not too surprised to see:
The IP address 64.4.54.253 resolves to a pretty generic Microsoft domain (ns2.msft.net), which means it's probably used for a variety for its services.
Basically, this means you can't block it outside your PC without collateral damage. I wouldn't be too surprised if it's also the Windows Update IP, meaning security updates would get blocked, too.
Web giants gang up to take on MPEG LA, HEVC Advance with royalty-free streaming codec
Re: There will never be a royalty free codec
But you forget. The consortium has patents of their own (take Google and how they bought the company that developed the VP codec series). Meaning if a submarine patent does emerge, whatever they're using it on is likely to be in conflict with one of their patents, meaning attempting to attack the consortium risks a patent war in court, with the possible result of their patent being invalidated. That's probably one reason MPEG-LA stopped attacking Google over VP8: because Google got patents in the buyout, too, which could potentially snarl AVC.
"And yet Microsoft is a member of the Alliance for Open Media that is developing the new codec. Perhaps they also would like to be done with the need to pay royalties for patents that many think ought not to have been issued."
And yet Microsoft is part of MPEG-LA last I checked, meaning they get a cut of the proceeds.
Sorry, Californians, you can't have this: Asus to build WATER COOLED notebook
Wileyfox smartphones: SD card, no bloatware, Cyanogen, big battery – yes to all!
Re: QI charging and NFC?
"Every time I see a new device come out that doesn't have a type-C port on it, a little tear forms in the corner of my eye."
Well, you have to wait. Type C only got approved recently, and it takes a while (at least six months in my book, usually closer to a year) for something like this to reach critical mass.
In redneck heaven, internet outages are the American Way
Re: It's a sport....
Since we're talking a shotgun, then no odds are the shot falling back down isn't likely to be an issue. Recall we had this discussion a month ago when a man took a shotgun to an invading UAV. Since shot aren't on spiral trajectories, they'll just tumble back to the ground like comparably-sized gravel.
Re: Poorly thought out attempt at Bitcoins?
There are people in the south who are proud to call themselves rednecks. Otherwise, Jeff Foxworthy would never have gotten off the ground as a comic.
PS. I hope everyone realizes the term itself comes from the sunburn on the back of the necks of people who work outdoors all day.
Re: Spade fade
No, spade fade exists in the US, too. We try to discourage it by posting notices of calling for underground utility markings before commencing digging. What the article describes is best described as "Redneck Celebratory Collateral Damage".
But I'm a little surprised the shot from a shotgun actually managed to sever (or nearly sever) an overhead fiber-optic cable. Either the cable was not that high off the ground, the shotgun was of a particularly large bore, or it was literally a million-to-one shot.
Mac malware has a neat trick to install itself on OS X fans' machines
T-Mobile US CEO calls his subscribers thieves, gripes about 'unlimited' limited tethering
Re: Daft
What's the difference between running a BitTorrent client on a PC piggybacking on a mobile tether and a BitTorrent client running directly on the phone?
What's the difference between a heavy YouTube/Netflix/etc. watcher using his PC tethered to a mobile and a heavy video watcher using his HD tablet that has a SIM?
Canned laughter for Canadians selling cans of air at $15 a pop
The Honor's a defo gamechanger, but good luck buying one
Re: They've staked a claim on my money...
That's known in credit parlance as a hold. Gas pumps are best known for it. Basically, they tell the credit company they're calling dibs and to reserve the amount until the transaction goes through, at which point it officially posts. It's not all bad, though. If it falls through, it's easy enough for them to rescind the hold.
OS X remote malware strikes Thunderbolt, hops hard drive swaps
Re: Doh!
"It wouldn't be fool-proof, but it would prevent firmware malware from being downloaded an installed on the sly."
But then you get caught between a rock and a hard place. If the firmware can't be rewritten, odds are an undetectable bug (that require perhaps a rare but distinct liminality condition) will come along that gets exploited. And if it CAN be updated, odds are social engineering and a famous Douglas Adams quote will undermine any safeguards you try to put on it.
Dropbox DROPS BOX as service GOES TITSUP worldwide
Linux Foundation releases PARANOID internal infosec guide
Associated Press sues FBI for impersonating its site to install spyware
Google robo-car suffers brain freeze after seeing hipster cyclist
"both vehicles 'cut' the turn and let the other vehicle pass 'on the wrong side'. I'd expect 'interesting' things would occur if one driver each picked a different method..."
I think most traffic codes prescribe the latter method, as this has the practical consideration that neither car has to cross the other's path, meaning each can proceed at his/her own pace.
Re: "Europe only moved to the right side when Napolean Bonaparte decreed it."
"Heavy carts tended to have the driver sitting curbside as that way he could see more easily when manouvering for deliveries. There are a few places in the world where the handedness of the driving is changed from the norm for similar reasons."
"I'm aware of that. Given the normal position of a coach or carriage driver of the period, it's logical to go to the right on a narrow passageway such as a bridge. You need to be able to see how close your wheels are to the edge as this is more critical than possibly bumping the other coach."
If the edge of the road is more important than oncoming traffic, then the driver's seat is to the edge side. Two other examples of this: open pit mine trucks (no guardrails, so edge observation is a matter of life and death) and mail trucks (so that mail/post boxes in places that use them are within arm's reach of the truck driver).
"Where two vehicles are facing each other across the junction and one is indicating to turn across the others path then I'm not sure who has right of way (if anyone)."
When two opposing cars meet at an intersection at the same time:
- If both are going straight, there is no conflict and both can proceed within the law.
- If both cars are turning in the same relative direction, there is no conflict and both can proceed within the law.
- If one is turning and one is going straight, the turning car yields to the ongoing car.
- If both cars are tuning in opposite relative directions such that they'll meet on the same street, the one turning across traffic yields to the one who doesn't have to cross traffic to complete the turn (IOW, the one turning opposite the driving side yields to the one turning with the driving side).
Re: Maybe you "Entitled" cyclists....
"Since when? to take your analogy of water craft in actual fact paddle/oar has priority over sail over motor - size doesn't come into it: it's not a case of my ***** is bigger than yours."
Within the same power sources, "my ship is bigger than yours" really does apply, and it's all down to physics and inertia. Outside them, you have a point, the harder to steer vessel needs the space more than you. I would think in the late 19th century (when sail was giving way to self-powered watercraft), powered craft gave way to sail craft out of desire not to cause wrecks. That's also why drivers are told to give lorries more way and why you must never trust your gut at railroad crossings (in both cases, it's easy to misjudge the amount of momentum these vehicles have and just how difficult it is for them to stop suddenly).
"No idea what the criac is in the US, mind (which, Jagged, is where I assume Dan Paul is from)"
The general rule in the US is that road maintenance is collected through a combination of gasoline taxes and vehicle registration fees (the latter getting more attention lately because it can make up for the lower gas taxes brought in by high-efficiency and non-liquid-fuel vehicles). Other taxes may be involved but they're done on a case by case basis depending on the needs of the state or locality. Virginia, for example, restructured its gasoline tax structure a few years ago to bring in more revenue (for much-needed road repairs) and to reduce the need to adjust for inflation again in future.
Spaniard claims WWII WAR HERO pigeon code crack. Explain please
No, the true strength of the one-time pad is that it's literally impossible to determine the actual message without foreknowledge of it. The reason being a properly-used OTP cipher can actually be deciphered into ANY message of the same or shorter length. The ONLY determining factor in OTP is the pad itself.
"Are "book" codes easy to crack? The ones where each end uses an agreed edition of a common book and the coding references a word/letter by page, paragraph, line, word/letter offset numbers."
It depends on how the book is kept. If it's based on something you have to carry with you, if you're caught they can use the book in your possession to try to decipher the code. Things that are too common (like newspapers) are also risky as the enemy may well have one of these and will try it as a matter of course.
Honor 7 – heir apparent to the mid-range Android crown
The Onion Router is being cut up and making security pros cry
Re: Hodge-podge report, much?
Thing is, we don't know exactly what the US government is capable of in their black projects, and something like this they would take GREAT pains to keep secrets much as they did with the F-117 and SR-71 back during the Cold War. And we know they can tap undersea cables in situ with help from a submarine.
Security for those who know they can't win the security war
Re: That 2 year sentence thing for not giving up your password
"But is the private key actual evidence? I'm not talking about wiping the encrypted data, just removing the ability to decrypt it."
IIRC, enablers, like keys to a locked safe, DO count as evidence since they count as leads much like a witness testimony can provide a lead to other evidence. Destroying the lead denies access to the other evidence, so the charge is usually destruction of evidence.
"Some form of HSM that only works if unlocked within a specific time frame for example?"
Like I said, plods are savvy to time bombs so will image the entire system and keep them in a system where the time stays within a narrow range of the point of confiscation.
Malware menaces poison ads as Google, Yahoo! look away
Re: Try getting this plan past the accountants
"Apparently, to get accountants to approve this plan, all you'll need to do is show them the trend in ad-blocking software."
But that still won't appease the legal department, who could justify the additional expenses to keep it "Not Our Problem". The only way you can convince the legal department is to prove to them they can't keep the problem away from their desks no matter what they do, but lawyers are trained to prevents this.
"You nuke the problem from orbit. It's the only way to be sure."
That's assuming your problem is an Alien-type problem and not an Andromeda Strain (where nuking would only make it worse).
Page:
- ← Prev
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- 259
- 260
- 261
- 262
- 263
- 264
- 265
- 266
- 267
- 268
- 269
- 270
- 271
- 272
- 273
- 274
- 275
- 276
- 277
- 278
- 279
- 280
- 281
- 282
- 283
- 284
- 285
- 286
- 287
- 288
- 289
- 290
- 291
- 292
- 293
- 294
- 295
- 296
- 297
- 298
- 299
- 300
- 301
- 302
- 303
- 304
- 305
- 306
- 307
- 308
- 309
- 310
- 311
- 312
- 313
- 314
- 315
- 316
- 317
- 318
- 319
- 320
- 321
- 322
- 323
- 324
- 325
- 326
- 327
- 328
- 329
- 330
- 331
- 332
- 333
- Next →