What happened to Charon?
Charon was missing, or at least was unlabeled, in the linked GIF file. I wonder why it is being shy about having its picture taken. It is in the closest orbit around Pluto, so it ought to show up. Maybe if I squint...
2583 publicly visible posts • joined 31 May 2011
Stealing a page from Apple? The move looks good in terms of bringing malware to heel, but will Google also ban extensions involving ad blocking, anonymization or anything they perceive might interfere with their collecting a buck from advertising? For Google, this is a good deal. For people who use their product, it will probably work out to be more of a mixed bag.
Parakeets usually live in tropical climes...
There used to be Carolina parakeets in the US, but they are now, alas, extinct. Pigeons, on the other hand, are non-native to this range, so if these southern parakeets push them out, I look at it as restoring the natural order.
Not really a stretch for black hats: attacking a WordPress site already known well publicized to be poorly maintained by its owners in order to distribute malware to Windows machines. What will they think of next? Sending email to victims in hopes that they will install the payloads themselves? Come on, bad guys! At least act like you're putting some effort into it.
... the fact it was voted down at least restores some faith that elected representatives actually represent the people who vote for them, not the people who pay them.
The bill failed to get a super-majority though it did have a simple majority. It didn't even fail on the merits of the issues that I feel strongly about (see the note concerning copyright). To me, at least, this is more a case that a small number of elected officials' interests happened to align with those of some of their constituents... Well, perhaps that is how a representative democracy works after all.
While I am not sure how the statute of limitations would be applied under Swedish law, I am curious as to whether he could be charged and tried in absentia. At least in a generic sense, the limitation is on the time between the crime and a person being charged with it. If he has been charged, I would think there would no longer be a ticking clock in that sense.
I especially liked the bit in the linked article that said "the police department is thankful to 'all the neighbors and citizens in the area who showed patience and restraint.'" I am not sure if they mean that they are happy the neighbors didn't start firing on the suspect's residence, that they didn't cross the police barricade for a better look at the action, that they were filming the police the whole time, or some combination of the three.
So enlighten me, what are these other two "hate crimes" you speak of?
I suspect the reference was to the millions of people killed under Stalin and Mao, 23 and 78 million respectively versus 17 million under Hitler's regime.
Teased? Downright misled! This is what the source article states:
"Over 85% of the cyber intrusions ASD responds to could be prevented by following the Top 4 mitigation strategies..."
And this is what the paraphrasing gave us:
"The Australian Government Department of Defence found that operating system and application patching could have stopped 85 per cent of all security incidents it experienced,"
A cyber intrusion is a subset of security incident. Patching will do little or nothing to address insider threats, poor system management practices, or sloppy handling of sensitive materials on the part of employees. Patching is important and can be difficult, but it is not 85% of the puzzle pieces needed to make up the whole picture.
Today, not so sure. I would not be surprised to see a mandatory school and education use mandate. That is a few million units on its own.
They have created the Volga of the computing world. It only "works" if you have a captive market. Perhaps they should code name the next chipset in development Чёрная Молния (Black Lightning).
It's also said to be capable of x86 emulation, and to run Linux natively, after one performs binary translation.
Sorry, the first thing that got stuck in my head was "What? They need to be rewritten using Cyrillic?"
...thankfully they've resisted the urge to make such a travesty of a movie...
I felt the same about the recent Hobbit videogame movies. I really wanted not to watch it after the LotR's missing the Scouring of the Shire from its ending, but was forced into attending a marathon viewing which sadly did not involve alcohol. Why anyone would take a kid's story and turn it into a torture device for kids is... well.. brilliant, but I still wish I could forget the hours I wasted watching this trilogy.
Something I would love to see and nobody will be able to compute the outcome of.
I would think this is exactly the sort of thing anyone contemplating the creation of such a structure would want to work out. As well, they would want to create contingency plans based on the modelling of such a catastrophe.
Would you mind explaining the connection between web security and the picture you have chosen to accompany the article[?]
I don't like the banners at all, no matter how appropriate, but consider the phrase "web app security" and compare its likely existence to that of the "unicorn" in the image... I'm only guessing, but I think that might be the direction we are meant to head.
I was hoping for a bigger jump in security, with a greater range of tools for corporate admins. This bit is like MS took a look at a Qubes whitepaper and had a single takeaway. Too, the manageability of updates is a big concern, so it is nice to see tweaks to that. Of course, the OS is still in testing, but I would be a lot more impressed if they had built-in white-listing tools for apps or device control or any number of security measures that currently require a complex set of third party tools. In fact, what I really want is for them to build a robust security framework first and then put all the rest together around it.
This is how every article should look...
Now you've done it! The editors read these comments, and will be moving to screw this one up too fix it shortly. Then again, maybe they think the very annoying drop-down menus are distracting enough in this instance and will leave it alone. What are the odds?
Powerpack probably consists only of made-to-order systems. When I went to the product page, I found a link allowing businesses a chance to inquire about their commercial version. Alternatively, it might be vaporware.
I have to hand it to Apple: when they polished a turd, they came out with a gold-plated, $5K turd. Well done!
I don't know what hours your store is open, but one of the unexpected benefits of working nights is that I often get meat on sale. On the other hand, my dad told me that his family often only got meat for dinner when they managed to bag a rabbit walking home from school.
Though from a security point of view, I’m pretty sure it ought to be more complicated than that, lest someone sneak an extra HomePlug onto the network.
Thought of that immediately, then thought how else it might be abused, say in someone else's residence or in a hotel. It's a nifty bit of engineering, but at a minimum there ought to be some management tools bundled with it.
I also live in the UK's answer to deliverance country so could have happily supplemented my diet with roast pheasant roadkill but again I didn't feel it was comparable to what someone genuinely on the poverty line would be able to do.
I disagree. Hunger will make all sorts of things palatable that previously were not. In fact, I believe this explains a good deal of the world's cuisine, but I digress... Hunt, fish or forage: as long as it can put food on the table and in the belly, it ought to be considered fair. It should be noted that the season during which this challenge is conducted plays a large role in the outcome. Try running this during the winter while also factoring in heating costs and you will have a very real and very difficult challenge.
Kudos to the kids, by the way. Well done.
This is what happens when someone in upper management watches The Expert and uses it as a template for how a project should be planned.
It was the geckos deciding they are no longer going to be confined to quarters and forced to make do with whatever knickknacks they could find for entertainment. They successfully stowed away on the Progress capsule but are still trying to work out the controls.
The only reason I've posted these comments is to point out a factual inaccuracy in the article.
And there are others... I get the impression the author doesn't use Windows command line much except for PowerShell, if that. Too, there were other MS scripting possibilities not mentioned in the article (e.g. cscript/wscript, VBScript, JScript). I've had the... joy? of working with one incarnation of MS-DOS AKA CMD or another for 30 years now. While I think that PowerShell is interesting in the way it does things and am pleased with the return to using command line as the default in MS OS administration, I find the change from CMD to PS as jarring as moving from anything else to Windows 8. I've written scripts to be run on a variety of *NIXes and am having a harder time shifting to PS than learning any of these from scratch. Maybe I have just gone from getting to being old.
PS has a few neat tricks like being able to specify output types that are native to MS Office formats, but I have been able to do that more generically using CSV and RTF for years. Except for things that were designed and created with PS as the default scripting language, I haven't run into anything that I couldn't do previously with CMD.
Essentially, MS has done to admins what they have been doing to all their other users: changing everything, telling us it is for our own good, and forcing us to relearn things that we have been able to do just fine for years. Not much of a production boost as far as I can see, but it is the Microsoft way.
FF22, your point about the difference between security and privacy is well taken (and well said, by the way), but I think you and the analyst both make a fundamental error in attribution: why is PayPal gathering the info they do? Yes, they might be pulling it to compare against past transactions as a fraud prevention method. Conversely, they might have some legacy code from the beta testing phase of app development. The why of it is important for a number of reasons as it has implications for where weaknesses might be in the app itself (flaws might be left in simply because no-one is paying attention to the code) or what kind of data might be leaked in the event of a successful attack (PayPal is a prime target). While I would not expect my fellow commentards to dig through EULA of these apps or to contact the app publishers, it would seem the researcher had a missed opportunity there. The flaws mentioned in the other apps were certainly that: flaws.
At the very least, one take-away should be that apps should only gather and transmit the data needed to do what they are intended to do. The more bloat that is added in, the greater the chances of flaws creeping into the mix. Also the more power the app will use, which in a mobile device can add up. The people who run the app (customers, for want of a better term) should know what info is collected, sent and retained by the app maker and have a reason of why this is done. Finally, the owner of the device on which an app is run should be able to control access rights for the app. This last should be pinned on the OS makers. Google's offering is particularly bad in this area, but I notice that the only hint as to what manufacturer's device was looked at by the analysis seemed to be Apple.
For how long?
As long as it continues to produce useful scientific data that costs less to obtain than that of replacing it with something else. To be sure keeping something like this requires a budget, most of which is getting the thing into place to begin with, followed on by repairing it when needed. As far as the ground support costs, well that is rather implied in the use of the equipment. In fact, one might argue that having all that data to analyze and store and all of those people involved in doing so is rather the point of the project. As Dr McCarthy was quoted in the article, there may be other options.
"NASA has a plan to send up a de-orbiting module that attaches to Hubble and drives it into orbital decay mode to allow it to be brought down into the ocean or on unpopulated land."
I'm not an aerospace engineer and I think it is great there is a contingency plan in place if the telescope needs to be removed from orbit, but if it can be pushed down, why not go the other direction and keep it going? Even though there are other incredible telescopes coming online, there will be plenty for all of them to do for a very long time.
Comparing X to something you've actually stood next to is about as concrete as it gets.
Well said! Especially given that it was defined as having a volume of 1,000 cubic miles which should have been good enough for those that were looking for something a little more abstract [1].
[1] Fine! It comes to about 18,653,228,928.7794 Olympic-sized swimming pools.
I find his frontal cortex guilty as charged, and order that it shall be confiscated, taken from this place to another place, and thoroughly minced until it promises not to do it again...
Is the Judge's name in this tale Shylock by any chance?
Trains on stilts are still subject to flooding, even if they are completely enclosed, as their foundations may be undercut by erosion. Traditional railways currently have service cars to check the safety of their infrastructure. I have no idea what is involved in similar efforts for maglev trains, but they have been around long enough that there is certainly an equivalent for them.
Google's decided that for a month from April 21st, its Local SSD offering “will be priced at $0.055/GB/month, a 75% discount. After that time, the price will return to its normal $0.218/GB/month.”
Not sure how this would benefit anyone if they could own the SSD outright in very few months for what Google normally charges for rental.
...it gets out of proportion when true dumb panels get recommended and you end up with a separate panel, TV tuner, amplifier, media player etc with half a dozen plugs, half a dozen things to turn on and off, and half a dozen remotes.
You make some good points, and by its nature the implementation of something like this is going to be unique or close to it for each instance, but I do not see why you would need to worry about multiple controls or power management. I run my "remote" off an app installed on my phone. In my case, I store my media files on my NAS, so it is not powered down. I use a Pi, so leaving it on is not a big deal, but there are power solutions out there that allow for similar control via smart phone if you want to go that route.
As for the Smart TV idea, I look at them as similar to all-in-one devices of any sort. If one part goes out, you can effectively lose the package, and you are almost always paying for more functionality than you will ever use.
Google's collective ego has grown large enough that it is warping space around it. This ought to go in the Bootnotes section or wherever El Reg is dumping its more tongue-in-cheek articles these days, not because of the reporting, but because I cannot imagine how anyone could get those things out with a straight face.
For example: "There is so much structure and connotation around the word malware that internally we don't use that word...That malware is increasing and most devices aren't protected is a myth." Obviously, if there is no such thing as malware, it couldn't very well be on the rise, could it? Someone should have dumped a box of phones with older versions of Android on them and asked him to update the lot. A missed opportunity, to be sure, but perhaps it could be used in an encore presentation of this comedic performance.
He also said the attack can be combined with HTTP request hijacking to trick iOS apps into pulling information from an attacker's servers, allowing the miscreant to compromise the software by feeding it bad data.
Setting up a "No iOS Zone" is annoying, but being able to force victims to connect to a controlled network from which a man-in-the-middle attack can be staged seems to be more severe. Different attacks for different goals, I suppose. As far as seeing it in the wild, if it was used for a MitM attack, it would not be as noticeable as if the device started rebooting over and over. Time to stop wearing tin foil hats and start wrapping our phones in the stuff.