Posts by Ken Hagan

Presumably they know this because the Chinese mines do these things. I wonder if they have informed the local population in China of this?

Re: Secure network connection

Doesn't running X over SSH remove that problem?

Well, I say "remove" but I mean sidestep, since the X connection is running oblivious to the security being provided by the SSH connection underneath it, the latter having been set up in the traditional direction.

Re: Too risky

No, you just made a post that ignored the word Victorian and thereby completely missed the point of the post you were "replying" to.

Re: Sentience? Meh...

We're relying on human language. I expect I'd fail a Cat Turing Test.

Re: And for EU visitors ?

Not necessarily. A fair number of US sites dealt with GDPR by blocking EU visitors.

Rather than being bent at hips and knees and shipped as freight?

On the face of it, the packing density ought to be better so it's a little surprising that no-one has tried this yet.

Re: A pipe-smoker comments...

That might have been true on the day he said it, but imports became more expensive the following day and inflation eventually adjusted the value of the pound in your pocket to make Harold a liar.

Proof that politicians have always been willing to insult the electorate's intelligence if they think it will make the awkward question go away until later.

In this case, the cables were distinct. Only the poles were shared. Does that count as layer 0?

Re: Chrome is the hellmouth

"if you have certain active scripts blocked, the "Install Chrome" panel is missing, and you get a silent install - very crafty."

Is that actually legal? Does it not count as using someone else's computer without their permission? If not, why not, and can Joe Public use the same loophole to install spyware on other people's machines?

Re: Cynical but accurate

Except that you get a different answer each time. You'd be quicker just calling rand() directly.

Re: The internet is two way

But there may be a thousand times as many ground stations as satellites. How many drones were you planning on using? How many targets, one at a time, are you planning to throw expensive precision-guided munitions at?

No. I think the chinese analysts have got this one right. Starlink-like systems make existing anti-satellite weapons obsolete.

Re: even more safer to operate?

No. It's not important. It was not an accident. It was an monumentally stupid act of self-harm. It tells us nothing about the safety of nuclear power.

"and is never going to be updated"

This is the point made at the end of the article. If you tell programmers for 40 years that .0 is reserved (and can be used to identify a network) then they will build that into their code. Likewise with 0/8 and 127/8. I've certainly written code that classifies addresses as multicast or node-scope based on the numbering. In fact, I'm not aware of any other way to perform such a classification, so I'm not even sorry.

Re: Not commenting on the business practices

From the fine article:

"The decision to remove BMC Software technology from its mainframes rested solely with AT&T, as was recognized by the court and confirmed in testimony from AT&T representatives admitted at trial."

Re: Control Your Own Upgrades

"who's idea of fun is [...] to test a keyboard and mouse-less OS controlled by throwing M&Ms against a charged metal plate..."

But that *was* fun, right up until some bastard upstream recompiled libmetalplate.so to use a conflicting version of libplate.so and I had to mount the root filesystem in a different system in order to pin the package versions.

"Mr Average needs an OS which just works, doesn't get in the way, and is easy (for a normal person) to find support for."

This. Specifically the third requirement, despite the fact that Windows increasingly doesn't actually deliver on that front. No-one is going to make the jump unless they have a promise from an experienced friend that they will hand-hold and fix problems. With a decent distro, that support will not be a burden long-term, but I find it hard to believe that anyone can learn Linux from the interwebs painlessly.

Possibly a fourth requirement is to have a second computer (permanently on hand) that you can use to fix the first one. Most geeks take that for granted and most normal people don't have it.

Re: More of the usual

Sounds a lot like you need to run that "game" (that you downloaded from a dodgy web site) as an admin. If so, I hardly think it counts as a hole. I could "inject" malware into crontab on a Linux system if I had the privileges. It's what the damn thing is designed for!

It is fun to see different examples of the mischief that people can get up to once they've taken over your system and it gives us more examples to use to convince our friends that they really shouldn't be running anything as admin if they can possibly avoid it, and certainly not if they've got it from a "helpful" site that meant they didn't have to pay for it. But it is hardly news.

Re: Not different in the EU though

drill rt.com @8.8.8.8 yields 91.215.41.4

drill rt.com @217.169.20.20 yields 0.0.0.0

The former is Google's service. The latter is Andrews & Arnold, an ISP in the UK that has traditionally taken a dim view of censorship (see https://www.aa.net.uk/broadband/ and skip down to "An unfiltered Internet connection"). A&A's boss had a few things to say on the subject in this article -> https://www.ispreview.co.uk/index.php/2022/04/russia-sanctions-add-shock-internet-censorship-twist-for-uk-isps.html. That article concludes:

"UPDATE 6th May 2022

Ofcom and the UK Sanctions List appear to have confirmed that the first block list domains are for rt.com, sputniknews.com and rossiyasegodnya.com. Most ISPs will be implementing this via a basic DNS level block, which is usually the simplest approach."

So yes, we're being censored.

Indeed, but it doesn't answer my question. The "original translation" is non-idiomatic English, so either it is a bad translation or it is preserving some non-idiomatic quality of the original Italian. I don't speak Italian, so I thought I'd ask someone who does.

Re: Contradiction

Assuming that they gave their assistance for free, that doesn't constitute "doing business" in the UK. Then again, even if the statement is true this judgement is still a problem if they ever want to start (*) doing business in the UK.

(* Or restart. I note the phrase "at this time" and wonder if ClearView have done business in the UK in the past.)

Re: Gaping hole

I dunno. How many words do you need? As the article states, the interpretation of that First Amendment has been pretty consistent over the years and the experts seem frankly rather surprised that Texas is trying it on.

Oh, and the 231 years is irrelevant. "Thou shalt not commit murder." is rather older and has simply been translated into almost (?) every human language because we haven't actually changed our minds about this in the last 5,000 years.

Re: Overinflated sense of self importance

" When I kindly informed him that a new laptop would be with him in just a few hours, he was furious!"

I suspect that if you had delayed the phone call for the few hours and said "It will be with you in a few minutes." then you'd have been more popular. You and I both know that this would have been poorer customer service, but he is a jerk and so probably doesn't see the world the way we do.

I don't think it needs to be embedded in the document for most of those tasks. Keeping it out of the document makes the document safer for people who just want to read the answer rather than generate it.

It would seem to me, then, that targetting the (relatively small number of) bullet-proof hosts and making them legally liable for their content would be more effective than trying to target the (relatively large number of) law-abiding internet users who just happen to have a valid reason to encrypt their personal finances and private communications.

Funnily enough, this is almost the same as the solution to the problem of "anti-social media". You make the internet companies legally liable for what they publish on their site. If they want to be exempt, they need to say who the original author is and produce credible evidence that they can stop that person from using the service in future under either the same or a different identity.

Right now, so much of the internet is just making cash out of facilitating ... "something, don't know what, don't care, as long as it keeps generating cash for me".

But really, while this /could/ happen, it /would/ only happen if there was some nutter out there who actually had a motive to tank thousands of businesses just for the lols.

We don't know anyone like that, do we?

And certainly not anyone like that with the resources to pull it off, surely?

Re: You want to play hardball?

Ah, thanks. Intelligence and the Army aren't best of friends right now. (Something about not being welcomed with garlands by nubile virgins on day one of the invasion.) My guess is that this guy is toast if Putin isn't around.

Re: Just saw an article yesterday

Looks interesting. Obviously we await confirmation that this works in practice and at scale, but they claim to have a process already so it shouldn't take long to prove it one way or the other.

Re: How friggin' tough could it be to just print the words?

Oh no. It would suffice to have it in just one language. The manufacturer would presumably choose their own, for the benefit of all their testers.

Now, where's all that crap made again?