* Posts by Franklin

623 publicly visible posts • joined 17 May 2007


Glitch hits kill switch on app web hosting, citing 'bad actors' and worse architecture

Franklin

Well, that makes my day easier

Honestly, I'm surprised anyone ever used Glitch for anything except Amazon and Bitcoin phish sites. Oh, and the occasional Netflix phish sites. I've seen so many phishes hosted on Glitch that for a while I was on a first-name basis with the folks answering their abuse emails.

And fsck me, their defenses against phish sites were piss-poor. They'd take down three identical phish sites and a week later, a bit-for-bit identical phish would be live at a different address. You'd think that any site whose title tag said "Log in to Amazon" would be spotted immediately, but no.

Microsoft boffins promise entire game worlds made from AI slop

Franklin

The future is a gamer's thumb mashing the Run button from Starfield forever

This is why I quit playing Starfield a hundred hours in, but have over a thousand in Fallout. AI generated environments are endlessly dreary and tedious, and I somehow don't see that ever reaching the fun and immersion of the hand-crafted variety.

Arrow Lake splashdown: Intel pins hopes on replacement for Raptors

Franklin

Making a prediction...

"by making improvements in both prediction accuracy and the recovery latency from mis-predicted branches, it should lead to significant enhancements in efficiency..."

Cue discovery of new side-channel security exploit in 3..2..1..

Nintendo sues alleged Switch pirate pair for serious coin

Franklin

Re: On one hand...

"Why bother? Do they think it's going to take away sales from dirge like Wii Music?"

Well, I mean...it isn't necessarily about what they think it'll do to sales of their games or hardware. Nintendo isn't just a game and hardware maker; they're also an art, fiction, music, and character production house, and if they believe music they've written and hold copyright to is being infringed, they may well feel compelled to address the infringement no matter what it will or won't do to sales of their other products on the other side of the wall.

Now, I will admit I've only done a cursory examination of the sheet-music thing, but I found something interesting in the article you link to about licensed sheet music: the statement "the original artists were receiving royalties for sheet music sales."

The original artists aren't necessarily the holders of copyright. It may be possible (and note I'm not saying that it is, only that this is possible) that Sheet Music Boss might sincerely believe they have a legitimate license with the artists to produce sheet music for the songs, and Nintendo might legitimately believe that the artists don't own the copyright, it does, and it didn't sign any license.

Again, not saying this is what happened, just using this as an example that sometimes IP licensing can get really complicated really fast, and it's possible for the two opposing sides of a copyright spat to both go into the courthouse in full good faith, each with a sincere and compelling reason to believe it is in the right.

Disclaimer: Nothing in this post should be interpreted to assume that I am "on Nintendo's side" (nor, for that matter, on the side of the pirates or the publishers of Nintendo sheet music, though as far as the pirates are concerned, let me just say it kinda almost looks like they were BEGGING to be sued, with the bowl out and the puppy-dog eyes of that one boy in Oliver Twist).

OpenCart owner turns air blue after researcher discloses serious vuln

Franklin

This is altogether common in the world of the internet, alas.

Few months back, I discovered a code injection vulnerability actively being exploited on the NACUBO site. I emailed the site admins, nothing. Notified them via Twitter, they blocked me. Reached out to the guy listed as the site's head of information security on LinkedIn, he told me to go away. Just checked right this moment, the vulnerability—which has the potential of yielding total control of the site to an attacker, and is still being actively exploited in the wild—is still there.

Some people take a security disclosure as a personal attack—a sort of "you're a dumbass loser, look at this thing you screwed up"—and get defensive. Folks like that are sadly commonplace.

Apple seeks patent for 'innovation' resembling the ZX Spectrum, C64 and rPi 400

Franklin

Stealth patent?

Okay, so I read the patent, which was rough going, because it's tediously written even by the standards of patent applications.

I came away from it with the strong feeling that they are NOT actually talking about a computer built into a keyboard, and the diagrams they included are perhaps clever misdirection.

I mean, yes, they do talk about keyboards in the body of the application and they also show diagrams of keyboards. But a lot of the actual claims, the meat of the application, don't say computer, they say "computing device," "made of composites or aluminum," "with input capabilities," "foldable into two or three sections."

That sounds like...

...smart glasses?

Read the patent application thinking "smart glasses" and not "Commodore 64" and see if it makes sense to you all, too. I wonder, is Apple getting cagy with the language of their patent applications, since those have in the past often tipped their hand about what they're up to?

I mean, I could be wrong, but it's hard to read that application and not see it that way.

Not so fast, SpaceX: $3bn NASA Moon landing contract blocked by rivals' gripes

Franklin

"Dynetics has issues and concerns with several aspects of the acquisition process. Namely, the money is going to someone else. Someone who is not us. We would like that money, please."

Salesforce beats banks to top UK exec salary survey while Microsoft drops out of league

Franklin

Ah, that would explain why I'm getting 30-40 bits of spam a day advertising stock pump and dump scams, all originating from Salesforce-owned IP addresses. They gotta make that money somehow....

I hear there's big bucks in bulletproof spam services.

Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website

Franklin

The domain amyca-dev-node.azurewebsites.net now has a Web page that says "Comming Soon." Not sure if it was placed there by the miscreants or by PwC, but somebody certainly can't spell!

Cloudflare family-friendly DNS service flubs first filtering foray: Vital LGBTQ, sex-ed sites blocked 'by mistake'

Franklin

It's good to know that in these trying times, Cloudflare is pleased to serve malware droppers, carder sites, and C&C servers for malware...but draws the line at sex ed sites.

I once had a Twitter exchange with a guy calling himself the head of Cloudflare security. I asked what his policy was on serving kiddy porn. He said something along the lines of "report it to the FBI, not us. It's not our problem. We don't censor." But, you know, a sex ed site? That's a whole 'nother kettle of fish!

Franklin

"Simple" is certainly the right word for that attitude, no doubt.

You'll never guess what US mad lads Throwflame have strapped to a drone (clue: it does exactly what it says on the tin)

Franklin
Flame

What a wonderful time to be alive!

That is all.

NASA 'nauts do what flagship smartphone fans can only dream of: Change the batteries

Franklin
Flame

Yes, the batteries are technically replaceable...

...but I bet it's still more expensive and requires greater technical expertise than just bringing your phone round to the shop.

"Good news: The battery in your phone can be replaced! Bad news: The battery is half a million dollars, not including shipping, and takes two people in special clothes several hours to swap."

Fire icon because hey, Li-Ion.

When neural nets do carols: 'Santa baby bore sweet Jesus Christ. Fa la la la la la, la la la la'

Franklin

Someone record these, stat

If stores played these carols instead of the same old schlock they normally play, I might do less of my Christmas shopping online.

Giza geezers' muon-geyser visor reveals Great Pyramid's hidden void surpriser

Franklin

It has to be where the ancient Egyptians stored the grain. I heard it from a US politician, so it must be true!

Cloudflare: We dumped Daily Stormer not because they're Nazis but because they said we love Nazis

Franklin

Re: Not as Unreasonable as It May Seem

Eh, there's plenty of out-and-out criminal content that Cloudflare is more than happy to serve and protect as well. They're notorious for shielding carder sites (they protected rescator.cc, the site where the information from the Home Depot hack some while back was sold) and malware sites, and they're quite content to do so.

Much as they like to say they're champions of "free speech" and they're interested in protecting odious but legal content and whatever whatever, they do seem to throw their chips behind content that is in no way legal under any circumstances, and the way I see it, that speaks volumes about their character.

Researcher says fixes to Windows Defender's engine incomplete

Franklin

Re: MS & security in the same breath?

"MS still manage fewer vulnerabilities than any enterprise alternatives though"

It's 2017, are there still people who think you can simply count the total of vulnerabilities and learn anything meaningful?

There are vulnerabilities and vulnerabilities. I'll take a dozen local DoS vulnerabilities over one remote code execution any day, kthx.

HPE hatches HPE Next – a radical overhaul plan so it won't be HPE Last

Franklin

"we will clean-sheet our operating model..."

Yes, indeed you will. I think I've read that Dilbert strip.

Hasta la Windows Vista, baby! It's now officially dead – good riddance

Franklin

Still going strong...

...in the movie theatre near where I live, whose POS systems and ticket self-serve kiosks all run Vista.

Well, I say "going strong." That's not really quite true. They both crash often, which is how I know they're running Vista.

An end-of-life operating system that connects to a credit card reader. What could possibly go wrong?

DNS lookups can reveal every web page you visit, says German boffin

Franklin

So does that mean...

...running a client on your computer that makes DNS queries and sending page lookups to random (legitimate) Web sites in the background will confuse the trail?

Just give up: 123456 is still the world's most popular password

Franklin

Re: Don't Just Blame Users

One of my banks has the same idiotic policy. Passwords are required to be exactly seven--no more and no fewer--numbers.

And it gets worse. Your username is always the last 8 digits of your debit card number. So if someone lifts your debit card, they know your username and exactly what format your password is.

This is a large Canadian bank.

I weep for humanity.

Google gobbles startup that claims its tech is like a mind reader (gulp)

Franklin

Re: No thanks

Doesn't matter if you need it, I reckon. What matters is it wants you.

Google will add your biological and ocular distinctiveness to its own. You will adapt to be served ads. Resistance is futile.

IBM kills off SoftLayer brand, puts it in the Bluemix

Franklin

Wonder if Bluemix will still be as spam-friendly as Softlayer.

NASCAR team red-flagged by ransomware attack

Franklin

"The data that they were threatening to take from us was priceless, we couldn't go one day without it greatly impacting the team's future success. What we did know was that if we didn't get the files back, we would lose years' worth of work, millions of dollars. However, we can't be arsed to go to Costco and spend $40 on a backup drive, or even keep our files on a USB stick."

There, FTFY.

SpaceX winning streak meets explosive end

Franklin

Re: On a related note . . .

I'm thinking Abominator-class offensive unit, because it works both ways: it describes what happens when the ship splits apart into a fleet and what happens to any hostile vessels encountered whilst doing so.

Model's horrific rape case may limit crucial online free speech law

Franklin

Re: law enforcement?

"If there was an open police case, then why were these guys still going about their business?"

One of them was a cop.

They had a pattern: The cop would drug women and film his friend raping them. Eventually, word would get back to the police force he worked for. He'd be quietly fired, and go to work somewhere else.

At one point in 2009, he was finally charged with rape. He was arrested, booked, and released on bail...during which time he committed additional rapes.

Google still faces legal spat with SEO biz that claimed it was wiped from web

Franklin

Re: The thing is…

I get about a dozen of those spam emails a day. And on those occasions where I've Googled the spammy SEO companies, I tend to notice that their companies don't appear on the first page of Google results.

It's a bit like those psychics who claim to tell the future but can't seem to tell what tomorrow's lottery numbers will be; if an SEO company can't get their own business on the first page of Google, why on earth would any rational person think they could do it for someone else?

This headline will, in part, cost pepper-spraying University of California, Davis $175k

Franklin

$15,000/month for ineffective Google-fiddling?

Clearly I'm in the wrong business. I would offer them the same service with the same result for--let's see--um, half that much! Sure. Half that much. I can do fuckall for $7.5k/month, no problem.

Half of people plug in USB drives they find in the parking lot

Franklin
Pirate

Maybe large biz needs to invest in some educational posters. I'm thinking something like the "Loose Lips Sink Ships" propaganda posters from WWII, perhaps a bold color with a cartoon sketch of a USB drive with shark teeth over a witty slogan that rhymes, posted in hallways and employee break rooms.

I will leave the witty slogans to someone far cleverer than I.

America's Intelligence Transparency Council to meet for the first time … behind closed doors

Franklin

Who serves whom?

"That enormous loss in trust between the American people and the intelligence services that serve them was in large part responsible for the creation of the new council."

Shouldn't that read "That enormous loss in trust between the American people and the intelligence services they serve"? Not that I'm suggesting the intelligence apparatus has anything at heart save what's best for the people; perish the very thought.

Norman Conquest, King Edward, cyber pathogen and illegal gambling all emerge in Apple v FBI

Franklin

Math is math

One of the fundamental problems I see here is that the FBI, and many people who argue in favor of the FBI's case, don't really get that math is math. Math does not distinguish between bad guys and good guys. Math doesn't know about due process or judicial oversight. Math is math.

Encryption is math. If there's a way to break or circumvent an encryption system, that's math. Because math is math and knows nothing of good guys and bad guys, any system that allows bypassing or otherwise circumventing encryption is an equal-opportunity tool. (Do we assume that China doesn't have mathematicians? Russia? Organized crime?)

In the past, it has been possible, at least to some extent, to partition law enforcement abilities by making--to greater or lesser extent--the tools they use available only to the "right" people. You can't do that with math. Math is just...math.

CloudFlare to launch its own 'high security' web domain registrar

Franklin

Re: Bullet proof

Yep, CloudFlare is definitely the bulletproof service provider of choice for large-scale ROKSO spammers, malware distributors, and Eastern European organized crime.

I track all the spam I get. Right now, I'm receiving an average of 37 spam messages a day that evade my spam filters, 31 (about 84%) of which Spamvertised domains protected by Cloudflare. Cloudflare does nothing at all about spam or malware domains--their "security head" has told me on Twitter point-blank they don't care, so piss off--and phish and malware sites served by Cloudflare tend to remain active on Cloudflare's network forever.

I'm not sure how folks who started out as spam fighters ended up in the pockets of spammers, but it's a sad thing.

Haptic developer fires patent suits at Apple

Franklin

Re: Why are they suing AT&T?

Immersion has a patent on "sending control information for a haptic system over a network," IIRC.

Franklin

I stumbled across Immersion while I was doing a patent search for a haptic system not related to cell phones or video games.

They (or rather, he--the patents seem to originate from one person) file for zillions of patents, all nearly identical to one another, on "technologies" that seem blindingly obvious. One of them gets invalidated? Fifteen get invalidated? No problem, there's a thousand more behind them!

A patent for a haptic interface involving a video game controller containing a motor with a counterweight to create vibration. A patent for a haptic interface involving a video game controller containing two motors with counterweights to create vibration. A patent for a haptic interface involving a video game controller containing two motors with counterweights to create vibration, wherein said motors can be controlled separately. A patent for a haptic interface involving a video game controller containing two motors with counterweights to create vibration, wherein said motors can be controlled separately and are oriented differently. A patent for a haptic interface involving a video game controller containing two motors with counterweights to create vibration, wherein said motors are controlled by a single controller. You get the idea.

These guys are (this guy is?) the McDonald's of patent trolls, mass-producing zillions of low-quality patents on an assembly line basis to keep a constant flow of lawsuits in the pipeline. I keep waiting to see their logo changed to a giant stylized M with the slogan "Over 42 billion sued!"

Bloke sues dad who shot down his drone – and why it may decide who owns the skies

Franklin

Re: So now flying a kite...

There are situations in which flying a kite can indeed get you in hot water with the FAA; I went to school with a fellow who landed in trouble when he flew a kite about a quarter mile from the runway of a local airport.

The specific situation of being that close to an airport aside, yes, the FAA thinks it can, and occasionally does, get testy about kite-flying.

What did we learn today? Microsoft has patented the slider bar

Franklin

A design patent isn't the same animal as a utility patent. A design patent is only a patent on the exact look of something, and it has to be on a look with no practical utility to the underlying thing.

Which makes me believe that had Corel put the + and - widgets at the end of the slider inside squares rather than circles, or made the design of the slider bit look different, they wouldn't have this mess.

Not that the patent is anything but bonkers, but still.

Lock up your top-of-racks, says Cisco, there's a bug in the USB code

Franklin

It's 2015, and there are still far too many hardware manufacturers that naively trust anything that can be plugged in, read from, or sent to their devices. We live in a world where all developers from the low-level device I/O guys to the top-level app developers need to assume that someone somewhere at some point will try to send malicious data to them, and code appropriately.

It's a bad bad world out there. Assume malicious intent from any data you receive.

Report: VW execs 'knew' about fuel economy issues last year

Franklin

"I am not aware of any wrong doing on my part."

That's a suspiciously specific statement. I am not aware of any wrong doing on my part, but I'm aware of massive wrongdoing on other people's parts at my behest?

Meet ARM1, grandfather of today's mobe, tablet CPUs – watch it crunch code live in a browser

Franklin

My God, that's a thing of beauty

I could stare at it for hours. Chip design may be a science, but the result sure looks like art.

Meaningful gesture: Thalmic Labs Myo motion sensing armband

Franklin

Re: Masturbation

Dunno about masturbation, but I did get one of these and an Arduino with a Bluetooth and a motor control shield, wrote some software for my laptop, connected the Arduino to a vibrator, and made a gesture controlled sex toy. It's kind of fun, winding up a girlfriend just by gesture, though in fairness I doubt it will ever be a killer app.

3D printer blueprints for TSA luggage-unlocking master keys leak online

Franklin

Re: Looks like the Thieves Support Association is going to get some competition.

I will confess, my first thought was "Oh, look! Now when TSA steals my stuff, they'll have an excuse. 'It wasn't us! It must have been an evil 3D printer owner who made a copy of our key.'"

I've never been particularly worried about some Random Evildoer(tm) stealing my stuff at an airport, to be honest. I've always been far more concerned about TSA staff doing that. And now, TSA staff have greater plausible deniability.

CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Franklin

"We've asked Microsoft to explain the thinking behind its WPBT feature."

Objection, Your Honor. Assumes facts not in evidence. Are you sure "thinking" was what the people who came up with this 'feature' were doing?

Disaster-gawping cam drones to be blasted out of the sky in California

Franklin

They already do this with cars. An old friend of mine who's a firefighter has plenty of stories about people who park their cars in front of fire hydrants. Firefighters will ram them out of the way with their trucks (or, in one case where she responded to a fire and there was no way to clear a BMW from in front of a hydrant, simply smash the windows and run the hoses right through the car).

Ad slingers beware! Google raises Red Screen of malware Dearth

Franklin

Re: I'd like to see an option

Chrome's Red Screen pages have an Advanced -> Continue to this page anyway link at the bottom.

Why the BBC is stuffing free Micro:bit computers into schoolkids' satchels

Franklin

Re: Year 7 = 11 years old

11 years old was when I got my first computer, a Radio Shack TRS-80 Model I (that ought to date me!). It didn't take long before I was tearing it apart and soldering new ICs to it--back in those days, if you got a computer, as often as not the schematics and PCB layout came with it.

I reckon at least some 11-year-olds will have an absolute blast with this. I know I would have. Hell, I probably still could! Where can I get one?

Blackhat hack trick wallops popular routers

Franklin
Mushroom

Well, this bodes ill...

...for the upcoming Internet of Things, which ought to provide some novel and exciting attack surfaces if IoT makers care as much about security as router makers do.

Traumatised Reg SPB team barely survives movie unwatchablathon

Franklin

Re: Based on an El Reg comment post earlier this week...

Maximum Overdrive! There's a stinker of a film and no mistake. I saw it in the theaters with some friends of mine, and we were absolutely rolling with laughter, until about midway through when we realized that (a) nobody else was laughing and (b) the actors all seemed deadly earnest. I recall looking at my friend Henry and saying "this movie isn't a parody, is it?" and he shook his head and said "no, I don't think it's supposed to be funny."

Keurig to drop coffee DRM after boss admits 'we were wrong'

Franklin

A company finally sees the light on DRM?

Hooray! That's one down...now, how many more to go?

Revealed: The AMAZING technology behind Apple's $1299 Retina MacBooks – a lot of glue

Franklin

Re: The hacker spirit...

I definitely get the appeal of the hacker spirit, but I don't think it's dead, I just think it's gone in another direction.

Adding RAM to your computer hardly qualifies you as a "hacker" any more. I mean, hell, my mother added more RAM to her computer last year and she's 74 years old and the farthest thing from a hacker it's possible to be, fer Chrissakes! The days when computers were so ultramodern and new that a person who could put in another battery or swap a hard drive was qualified to call himself a "hacker" are long gone.

I'm typing this on a Macbook Pro. Is my hacker spirit dead? Naah, it just has another outlet--I don't hack this laptop, I do my hacking on the Arduino Uno and the DF Robotics Beetle board it's connected to.

'Arkansas cops tried to hack me with malware-ridden hard drive'

Franklin

Cycbot and Zbot are both executables, not malware that hide inside doc files. It seems likely that if there's an .exe sitting in a specific subdirectory on an external drive, it's because someone put it there, not because it copied itself there from an infected computer or hitched along with a Word file.
