* Posts by veti

3118 posts • joined 25 Mar 2010

NSA boss: Trump won't pull trigger for Russia election hack retaliation

veti Silver badge

Re: MSM

Then you haven't thought it through.

Every media organ has its biases, certainly. But those that are based in your own country have at least this much in common with you: that they want to see your country successful, its people richer and healthier and happier, because those people will spend more money. You can certainly disagree - strongly - with their ideas of how this future should be brought about, but if you don't understand why they share many of your goals, you're being wilfully dumb.

And those organs are all operating independently, more or less. Journalists have a pack mentality, yes, but the bottom line is they're competing, not actively collaborating to spin you some mutually agreed narrative. The 24 hour cycle has damaged the media enormously - indeed, I once argued that if Trump won the presidency, it would prove that the US news media wasn't fit for purpose - but there's still useful information to be got there, if you can take the time to parse it.

The Russians on the other hand: they are both actively malevolent and well coordinated. They are attacking the soft underbelly of democracy. And Trump responds by taking off its shirt and telling it to close its eyes.

veti Silver badge

Re: Acts of war

Congress has tried to pass sanctions against Russia.

But what is an act of war anyway, if your own side's commander in chief point-blank refuses to fight?

veti Silver badge

So what do you suggest, spies should only pass on information that they've personally witnessed or have sworn testimony from multiple credible witnesses?

I don't think you've thought that position through.

NRA gives FCC boss Ajit Pai a gun as reward for killing net neutrality. Yeah, an actual gun

veti Silver badge

Re: Anyone from the

And if it comes to turning American troops against civilians in the homeland, you know how it will be framed: as a clear and present threat of terrorism. If commanders can convince their subordinates that the enemy poses an imminent threat to peace and the safety of innocent people, they can convince them to act.

And you know what makes it really hard to make that case? The knowledge that the targets are mostly unarmed or, at most, lightly armed. If everyone knows they've got top-flight weapons of their own, then escalation becomes really easy. That's why swatting is a thing now.

veti Silver badge

Re: Anyone from the

"Domestic invasion"? So you'd be fighting your fellow Americans, then?

You have a curious idea of "unity".

veti Silver badge

Re: those cowardly cops in Parkland

I doubt if they said anything about consulting superiors, because that would shuffle responsibility upwards, which is not what anyone has in mind when drafting things like that. (The golden rule is to make sure the agency employing the cop can never be held responsible for anything, period.)

What they probably did say was something about obtaining the best possible information, and not making a move while the situation was still unclear. That would be quite enough to keep the cop outside for at least five minutes after he heard the first gunshots.

Makes no difference now, the poor guy is the official scapegoat for this episode. And the RoE won't change.

veti Silver badge

Re: Anyone from the

@Charles 9:

Seemed the Vietnamese, Iraqis, and Somalia did all right given their disadvantages (and the A10 was in Vietnam, too). Why can't we?

You make a good point, but the bottom line is: all those countries were repelling a foreign invader. Nothing unifies opposition quite like that. As humankind has repeatedly shown, it's amazing what people can do when they all work together.

What do you think would unify the American public to the same extent? Nothing short of foreign invasion, I suspect. Certainly I doubt that you could persuade everyone to take part in comparable operations if the US Army (and, most likely, also its law enforcement agencies) was on the other side. And a people divided are, as the poet says, well and truly screwed. (C.f. Brexit.)

veti Silver badge

Re: NRA

The answer to your question: technically, it's not an NRA award, it's given by the CPAC. (The "NRA award" spin seems to have been introduced to this particular story by Russia Today, and subsequently parroted by basically everyone - including Fox and Brietbart News. Interesting, no?)

But the award was made by a prominent figure within the NRA (last year it was Chris Cox, this year Carolyn Meadows). So I think it would be fair to say that they endorse it.

Incidentally, in the course of researching this answer, I learned that in 2015, the award did involve handing over an actual gun on stage. So it's only sometime in the past 3 years that CPAC has decided to go gun-free. Also interesting, I thought, as a reflection of their confidence in Trump's pledge to fix violent crime.

veti Silver badge

Re: A No-Weapons Policy. That's Nice...

@Charles 9: One of your examples was barely within living memory. The other was over 20 years ago.

That kinda looks like a clue that these things don't happen very often.

veti Silver badge

Re: Pai's task is "to liberate the internet and give it back to you"

Your error is, you're assuming you know what the words mean.

The fact is, words like 'liberate' and 'give back' have no definition that can meaningfully be applied in this context, and therefore they mean whatever the speaker chooses for them to mean. And therefore the statement is meaningless.

The same goes for a lot of statements made by the other side, by the way. As long as we, the audience, allow them to go on spouting bullshit like this without defining their terms, they'll keep doing it.

Private browsing isn't: Boffins say smut-mode can't hide your tracks

veti Silver badge

Re: A pretty high bar

I'll be astonished if it becomes widely used by any generation. Requires website to actively forego information, just to "protect" user privacy (from whom, exactly?) I find it hard to think of any business case for that.

Perusing pr0nz at work? Here's a protip: Save it in a file marked 'private'

veti Silver badge

Re: The real story

So... Woman who has been made to feel useless and redundant for six months is dragged into interview, suffers epileptic fit because she hasn't had correct medication - very likely, in my experience, because the time of the interview has been changed at the last minute - and employers take the opportunity to ransack her personal files? Yeah, I'm completely sure they acted impeccably.

Nobody expects the social media inquisition! OK, everybody did, UK politicos

veti Silver badge

Re: Again?

The politicians are talking about the problems we elected them to solve. If there is a problem, then it needs to be addressed at a societal level, and that means politics.

You may not like their ideas or their conclusions, but they're definitely doing their job on this.

RIP, Swype: Thanks for all the sor--speec--speedy texting

veti Silver badge

Re: You've GOT to be kidding me

Dasher.

That microchipped e-passport you've got? US border cops still can't verify the data in it

veti Silver badge

Re: Solution

Umm... 99% of people are travelling on perfectly valid credentials to begin with. It's the remaining 1% that you need to worry about. If your test can't distinguish them, with reasonable levels of reliability, then it's not contributing anything of value.

Boffins: If AI eggheads could go ahead and try to stop their code being evil, that'd be great

veti Silver badge

You have completely missed the point.

It boils down to "these are the new threats that modern techniques are likely to give rise to. We should think about how to defend against them".

For instance: against "deepfakes" videos, it would be helpful if all reputable manufacturers of video equipment could agree to embed some kind of watermark that serves as a digital signature when they capture real video. That way it would be possible to tell whether the video had been tampered with. You can't prevent the attack, but you can at least tell that it's happened.

veti Silver badge

Re: But AI doesn't exist. And may never exist.

Could you even define what "intelligence" is?

I swear, when the terminators finally hunt down John Connor, his last words will be "But they're not really intell..."

Crypto-gurus: Which idiots told the FBI that Feds-only backdoors in encryption are possible?

veti Silver badge

Bletchley Park was well and truly hidden from the "bad guys" (Germany) for long enough to do its job. Even the Russians didn't know about it until after it was disbanded.

veti Silver badge

Physical access

I don't see the problem.

If the FBI, or anyone else, wants to take my phone away from me and invest a lot of time and effort into physically dismantling it and brute-forcing any encrypted content out of its memory, they can do that. They've got the resources. I don't mind if phones are not built to resist that level of attack.

If they don't want to go to those lengths, then obviously their motivation for wanting to know isn't strong enough, and they can stay the fuck out.

Problem solved, no?

UK local gov: 37 cyber attacks a minute but little mandatory training

veti Silver badge

Re: Reporting Cyber Crime

I was wondering that. If only there were some central agency where you could report such incidents with confidence that they'd be viewed by competent people, who wouldn't waste your time with stupid followup questions, expose your data to more risk...

A general-purpose police website doesn't really cut it. They'd be sifting through ten thousand emails a day from "Ukrainians" claiming to have installed Cryptolocker on my system - that's the level of cybercrime I see most days, and I guess millions more people are in the same boat. A dedicated helpdesk for IT professionals in government, local government, and quangos doesn't seem too much to ask for.

Create such a helpdesk, then make it a crime not to inform them of a known breach.

KFC: Enemy of waistlines, AI, arteries and logistics software

veti Silver badge

Re: Have I missed something?

Speak for yourself. The maps on my phone get updated a couple of times a week, on average, without any action on my part. If that's available as standard on a low-grade Android, I find it hard to believe that a $30,000 car can't match it.

Mueller bombshell: 13 Russian 'troll factory' staffers charged with allegedly meddling in US presidential election

veti Silver badge

Re: Wonderful timing!

"Regular delegates voted for Bernie" - that's not what the actual record says. Hillary got more votes, more delegates, and more states, even before counting superdelegates.

I'm sure you can argue all day about how she cheated to get those and shouldn't have got them and everything was fixed by the DNC, but the simple statement "regular delegates voted for Bernie" is bullshit and I'll thank you to stop spreading it.

@Doug S: you're still underestimating Trump. Trump may well make a lot of sound and fury about how his opponent should be disqualified, but he would expect to lose that fight. He relishes losing fights, because every loss is a chance to tweet about how the deck is stacked against him. There's only one fight he actually cares about, and everything that distracts from that - helps him.

veti Silver badge

Re: Last name on the list is not likely to be Russian

Whether the name is Bulgarian or Slovak or Martian, the individual concerned could still be Russian. And even if he's not, he could still be working in and employed by Russia. Let's not get distracted by trivialities.

As far as I can see, Mueller is about the only person in the US government who's making a sincere and honest attempt to do their job. Let's enjoy it while we can.

veti Silver badge

Re: Many layers of subterfuge

Oh Homer, when has Trump ever suggested that he views Russia as an enemy? The only enemies in his world are people who have the temerity to sell things to Americans.

He's happy enough to take action against Kaspersky, which is pretty much the only Russian company that does that at any noticeable scale. But when told to act against Putin and his thugs, he systematically undermines the law that he himself signed.

Stephen Elop and the fall of Nokia revisited

veti Silver badge

Re: "Elop's time at Nokia cost him his marriage, don't forget."

It's sad that you lost your relationship - but you were compensated, you got the money and the glory you'd been promised. That was your choice. You could have chosen to walk away from the job and the project instead; but you stuck with them. That was your choice, and don't pretend you didn't make it.

Tough break. But don't pretend that Elop's was less tough: arguably more so, because "marriage" implies a significantly deeper level of personal commitment than mere "engagement".

Elop didn't get all those millions as "compensation" for losing his marriage: it was the reward he'd been promised, and the marriage couldn't survive the process of earning it. He made a choice, just like you; the personal outcome was the same; and he was "rewarded" just like you. The difference is that in his case, the gains of staying in the job were a lot bigger.

Look out, Wiki-geeks. Now Google trains AI to write Wikipedia articles

veti Silver badge

Re: To be fair

My thoughts exactly. There's quite a lot of pages in Wikipedia that are pretty badly written by humans - particularly, though by no means exclusively, when the humans in question were obviously writing in a foreign (to them) language.

veti Silver badge

Re: Nothing a bit of editing can't fix

Reminds me of the 'AutoSummarize' feature that Word used to have. Except that, as I remember it, the Word version worked better than that. Less repetitive, and it knew what capitals were for.

Anyone know why it got taken out from Word 2010?

Hua-no-wei! NSA, FBI, CIA bosses put Chinese mobe makers on blast

veti Silver badge

Well, duh

Asking "would you personally use a phone made by Huawei or ZTE?" is like asking "Would you personally drive a Lada?"

When you're asking people of that class, of course they're not going to put their hands up to that. Why would someone with a six-figure income even contemplate a cut-price phone?

Roses are red, Kaspersky is blue: 'That ban's unconstitutional!' Boo hoo hoo

veti Silver badge

Re: Russian spies have rights

A Russian spy who is within the jurisdiction of any US court has exactly the same rights as any other person within the jurisdiction of that court, including the protection of the constitution. Go read the 14th amendment.

By all means "treat Kaspersky as a risk". There are plenty of ways to do that. If the government sees fit it can declare Kaspersky Labs a proscribed organization, freeze its assets, deport or arrest any representatives it finds in the US, prevent them from entering the country (or leaving it, or travelling within it for that matter)...

But the government hasn't done any of those things. Instead it's passed a bill of attainder - a form of law explicitly forbidden by the constitution - not even the bill of rights, but the main text of the constitution itself. The politicians who drafted and voted for that law, and the president who signed it, should all be recalled/impeached for perjury, because they all took an oath to uphold the constitution, and they've all broken it.

veti Silver badge

@DougS, there are undoubtedly a lot of scum in Russia. Like the one whose email I was scrutinising just half an hour ago, in the vain hopes of finding someone I could plausibly report it to, trying to extract bitcoin from me. Since they claimed to be Ukrainian, I'm assuming they were at least patriotic Russians and quite possibly employed, indirectly, by the thug-in-chief himself.

But that doesn't mean every allegation against Russians should be considered "true". Particularly when the allegation takes the form of a law that would still be unconstitutional even if the claims were all 100% proven.

There are ways of dealing with rogue companies, but "passing a law against doing business with that particular company" is not a legitimate one.

veti Silver badge

Re: Good Luck

How exactly does "the usual National Security line" allow them to ignore the constitution?

I mean, I get how it might be used to justify withholding evidence, but that's not the issue in this case. A bill of attainder is just flat-out unconstitutional, no matter how much evidence there is behind it.

Yes, Assange, we'll still nick you for skipping bail, rules court

veti Silver badge

Re: Sheltering Criminals.

Sure, the UK could chuck out (withdraw accreditation from) the entire Ecuadorian embassy.

But that would be tantamount to "severing diplomatic relations". Which is generally seen as a pretty extreme step, most often an immediate prelude to "declaring war". Nobody thinks Assange is worth that.

Keep it in proportion, please.

veti Silver badge

@Ledswinger: IIRC they tried that line of argument a couple of weeks ago. The answer was "you don't get to choose where you serve your sentence, that's kinda the whole point'.

veti Silver badge

Re: Schrödinger's Embassy

Trump is only "big on loyalty" one way. He cares passionately that people are loyal to him, but he shows no sign of recognising any obligation to return or reward that loyalty. See: all the people he's dismissed (or have quit) from his campaign and/or administration and then disowned, with varying degrees of disparagement and vehemence.

I'm pretty sure Trump would claim him if he thought it would give him a diplomatic triumph he could tweet about. "Winning" is all he cares about. I also wouldn't put it past him to make the attempt even if he knew it only had a small chance of working, because "losing" doesn't cost him anything either - he just blames it on his innumerable enemies (who are, of course, no fault of his, they're completely evil and irrational).

UK Home Sec Amber Rudd unveils extremism blocking tool

veti Silver badge

Re: detects 94 per cent of Daesh propaganda with 99.995 per cent accuracy

I read that as "it has a 6% false negative rate, and a 0.005% false positive rate". It's expressed clumsily, but it's weighted towards false negatives, which is a good thing.

Why aren't you being arbiters of truth? MPs scream at Facebook, YouTube, Twitter

veti Silver badge

Re: There is no truth

if I claim that something provably false is true, and this claim results in demonstrable harm, then I should reasonably expect to be challenged and, if successful, punished. By the police and courts, not vigilantes

A good principle, but how does it translate into real life? What is "provably false"? What if you had no way of knowing, when you made the claim, that it was "provably false"? What is "harm", and how do you demonstrate it?

Example: if I publish a mugshot of a 13-year-old girl with the caption "Ugly crack ho sucks for bucks", is that "provably false"? If the girl in the picture subsequently kills herself, is that "demonstrable harm" from my posting? - how do you separate it from the 100 other bullies all posting the same thing, from her boyfriend dumping her and her teachers overloading her?

What difference does it make if, instead of a 13-year-old girl, the picture is a 61-year-old woman? What if it's Theresa May?

Simple rules are easy to state, but then the lines are too easy to blur. The devil is in the detail.

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

veti Silver badge

Re: Don't load third-party scripts

So what's the alternative, exactly?

1. Write, maintain and test everything in house. Oh, and remember to document it too, because otherwise you're just storing up trouble for next week. And even then you'll still have dependencies - on browsers, on server platforms and scripting languages - and vulnerabilities will still creep in. I'm not really seeing the business case for that.

2. Make sure every resource is fully audited, and can't be amended without appropriate hoop jumping. This is marginally less work than (1) (and commensurately slightly less secure), but frankly it's still a shedload of effort for very small return.

3. Avoid scripts entirely. Congratulations, now you spend your whole life saying "no" to the marketing department. Good luck keeping your job, even if your company can survive.

Or 4. Accept that the occasional breach is part of your normal operational costs. Just like you expect employees to pinch some of your stationery, you expect customers to duck out on some of their bills, so you also expect hackers to disrupt some of your transactions. Accept it, model it, budget for it. Move on.

MPs: Lack of technical skills for Brexit could create 'damaging, unmanageable muddle'

veti Silver badge

Re: But it will be worth it

This time, when we whine about the deal, they can tell us to fuck off.

Yeah, but they won't, because - despite the current rhetoric - a hard Brexit would probably destroy the EU.

The individual countries, and the continental economy, wouldn't be too badly affected, true. But the EU as an institution would take a blow that would make the Greek/Spanish/Italian budget fiascos look like very small beer indeed. And others would definitely start to take "leaving" more seriously as an option.

Everyone seems to think that populism is dead, that Macron has restored sanity and stability. But the French populists haven't gone anywhere, and for the next four years they get to blame everything - including Brexit - firmly on Macron, who is the elitist's elitist. Le Pen will be back, and she'll be stronger. And Orban, and Duda, have no love for the EU - if it stops paying them (and without Britain's money, it likely will), they will turn on it. Geert Wilders is still there, so is Milos Zeman. Meanwhile Merkel is a shadow of her former self, Macron is still in the woolly idealistic phase, Italy shows no sign of giving a shit, Spain is still smarting from the fiscal spanking inflicted on them by the Germans. For the first time in a generation, there is no clear leader in Europe.

Sure, things look pretty bad to us. But in the alternative world where the referendum went the other way, I feel pretty confident that beds of roses and sunny optimism are also in very short supply indeed.

veti Silver badge

Re: But it will be worth it

I would remind the house of how EU negotiations always go.

Going in, there's talk of agendas and constituencies and red lines, and it all looks kinda planned. Then things get bogged down, there's talk of breakdowns and everyone walking away empty handed, and all-night sessions as deadlines loom.

Then, at the last minute, there's a triumphant rabbit out of the hat that amounts to either extending the deadline, or face saving fudges all round. But, and this is important, there is no hint of this fudge before the last minute. Everyone talks as if there is total irreconcilable deadlock, right up to the moment there isn't.

The pattern is invariable. It's by design - it's the process that allows governments, all of them, to sell unpalatable fudges to their electors.

I don't see why we should expect Brexit to be different.

CLOUD Act hits Senate to lube up US access to data stored abroad

veti Silver badge

You're not reading the story.

That's what they're doing now. This bill gives US companies the right to resist handing over the information if they believe it applies to someone who's protected by foreign laws. That's a right they don't, currently, have, without going through a prolonged and expensive appeals process.

It's smart packaging: it dresses itself up as empowering law enforcement, but actually it's limiting powers that they're already using (albeit without any clear authority).

Boffins crack smartphone location tracking – even if you've turned off the GPS

veti Silver badge

This is great news!

Finally, we can stop having those battery-sucking, sky-hungry GPS locators in every phone, and get almost the same level of service for a quarter of the battery hit!

What do you mean, "not available to the user"?

veti Silver badge

You can do encrypted comms with a pen and paper, quite ordinary people have been doing it for centuries. Of course you can do them with a 3310.

Accused Brit hacker Lauri Love will NOT be extradited to America

veti Silver badge

Re: Fine legal system

Any one person's experience could give strong anecdotal evidence that the Anglo system has room for improvement - lots of room, even - but it wouldn't say anything about the relative merits vs other national systems.

Therefore, it fails to refute the claim that it's "one of the world's finest". It merely says "this bar may be lower than you think".

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told

veti Silver badge

@John G Imrie

@Zog_but_not_the_first

Easy to say, not so easy to do.

There are a lot of requirements placed on NHS contractors. If you add yet another one, you run the real risk that there will be *nobody* who is fully qualified to provide some vital product or service. And so you'll always have to make compromises somewhere.

So there's always going to be argument about which requirements are essential, and which are merely desirable. Argument means politics. Welcome to square one.

UK Home Office grilled over biometrics, being clingy with folks' mugshots

veti Silver badge

/s /criminals /residents

We're talking about the pollution of law enforcement databases with spurious data. It's the criminals who benefit from this practice, which the Home Office is apparently defending out of sheer inertia ("it'd be too much work to change it").

veti Silver badge

Re: This is B@*&£$%!

Of course the suspect has been arrested. It's being charged that's the missing step.

I can well believe that there isn't a "charged" flag in that particular database, so a simple SQL query probably isn't going to cut it.

(You may reply "well, that's crap design then", and I wouldn't deny it. I'd take "crap design" as a given, in any significant data structure that's grown up over a period of time. But that's not the same as proposing a roadmap for how to improve it, let alone finding the budget to do it.)

veti Silver badge

How about, make deletion part of the discharge process when you get let out of your cell? How hard can that be?

(Actually, I'm hoping the answer is "pretty hard". Adding a significant administrative overhead to locking people up without good reason is a feature, not a bug.)

UK PM Theresa May orders review of online abuse laws in suffrage centenary speech

veti Silver badge

There are 40 million different reasons for that.

Nork hackers exploit Flash bug to pwn South Koreans. And Adobe will deal with it next week

veti Silver badge

Re: And the biggest offender Award goes to....

Makes sense. It's a sector where people are most likely to be encouraged/forced to use shit that they personally had no hand in making, that's never been properly vetted or audited, and doesn't even have any proper trail of accountability showing who chose it in the first place.

As a result of which, if a teacher does have reservations about a particular course or resource, there are many lines of resistance to challenging it that kick in automatically, quite regardless of what it is:

1. That's mandated by (insert agency here). Or at least we think it is, frankly the guidance is so vague it's very hard to tell, but we know that if we get it wrong we'll be subject to months of inspections and possibly loss of funding, so how strongly do you feel about this exactly?

2. That was licensed back in 2013, we don't have the budget to review or replace it

3. That is approved by (insert agency here), it represents the latest and best thinking and it knows far better than you do (pleb)

4. All our other course materials are designed around that. Taking it out would leave a hole that would take months of work to plug, and nobody has time for that.

5. Yes, we hate that too, but Mr Awkward the deputy head likes it and if we try to scrap it, he'll retaliate by pulling our licenses for these other resources and demanding a full review

6. I've only been doing this job a couple of years, I don't know which of (1-5) applies in this case, but I'm pretty sure at least one of them does.

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

veti Silver badge

Re: Nigerian scanner

That would have flagged this story, and (separately) your comment on it.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020