Posts by oldtaku

Whyyyyyyy?

Why would you put your cryptocoin (of any sort) in a third party 'vault' when these things have big red 'hey come hack me for big loots!' flashing signs taped to their doors?

None of them are secure or even /can/ be secure with determined enough hackers.

And even if they're secure enough, eventually the admins succumb to temptation and you get 'hacked' by the people supposedly protecting your coin.

It's just a bad idea.

So, totally incompetent dev is upset at Amazon for decompiling his app, which anyone can do, and discovering he just hardcoded critical security stuff as plaintext strings right in the app.

Oh yes, Amazon is clearly in the wrong here.

Sure, and I'm certainly 'willing' to sleep with Alison Brie and Kerry Washington.

Probably better to just start with Debian or Mint these days (depending on whether you want server or out of box desktop) now that Ubuntu's gone off the rails so badly.

Sadly, is there anyone who is even remotely surprised by this? I just assumed this was already covered. Good to have it confirmed, of course.

Now over 110M

It's up to 110M now in less than 12 hours.

Just figure if you ever gave Target any of your personal info, or if they bought it from someone else for marketing purposes, it was stolen.

You'll notice they don't deny taking the $10M.

Dual_EC_DRBG was known to be weak and slow and suspect even before it was adopted as a standard.

RSA made it the default in mid 2006 in spite of the known concerns.

By 2007, both Schneider, Microsoft, and others had shown it was fatally weak and flawed.

RSA kept using it as the default till late 2013.

They were either in the NSA's pocket or stunningly incompetent at security, which is supposedly the one thing in the world they were the best at.

'You know what this website really needs to fix it? A ribbon bar!'

Looks like they got bit by their own byzantine circus of GPO settings which interact in (often) mysterious ways and make life hellish on the Windows servers.

I'm sure they even tested before pushing, but it only takes one obscure setting on the production servers, or something that only interacts with real requests coming from the real load balancers.

Now that's eating your own dogfood.

I don't blame 'em

With IE9's CSS weirdnesses it's still a pain in the ass to support (though nowhere near as bad as IE5/6). IE11 is much cleaner, so they should be able to scrap a crudload of IE9 specific hacks and clean up the creaking code.

You should still be able to use the pure HTML version on IE9 if you're desperate and can't upgrade to another browser because the IT guys are holding your puppy hostage.

Anyone who knows enough to care about Windows 8.1 is not the sort of person who would be daunted at all by needing to upgrade to it. Hell, you might even be running RTM already.

I'd certainly agree that Samsung's deprovements to stock Android probably take off about 10 points.

Older devs at our company have no problem picking up new tech - there's no choice since we're not a government agency or big bloated corporation. Who knows what the next project will bring?

Our biggest advantage over the young guys - we've already made soooo many mistakes. And time estimation, triage, and other engineering skills seems to work across any tech.

'Samsung’s TouchWiz code'

Well that would do it. One more excellent reason to root and clear that crap out. Of course I realize that most people won't or can't do that and it's ridiculous that they haven't fixed it yet for their tens of millions of existing devices. They've always been very bad about updates.

Good to know my physical links are now 2000% efficient

Wow! I just transfered a very large file at about 85 MByte/sec over GigE using TCP. You can imagine my elation to know that my Gigabit Ethernet NICs can now transfer 20 Gigabytes per second with only a protocol change.

So seriously, I imagine this is an alternate algorithm for lost packet retransmit over UDP with attempts to minimize TCP's backoff. There are dozens of schemes to do this with TCP already ( https://en.wikipedia.org/wiki/TCP_congestion_avoidance_algorithm ), but minus the hype codswallop anything new is interesting.

Good lord, what a cesspit of buzzwordy twaddle. Your Indian outsourcers aren't going to get any more diligent or intelligent just because you follow them on twitter or friend them on teh faceboek. You're going to have to be on the phone screaming at them every day in order to get the basic services you're paying for, as per usual.

Not sure how they do this in the UK, but in the US 'He is not a suspect, just a person of interest' means 'He is our primary suspect and we need him to turn himself in now so we can cuff him, taser him 20 times, and throw him in a cell under 24/7 watch (in that order) till his hearing, and we hope he is stupid or insane enough to believe that.'

So good. Here's the best way to play (I think).

I love how open this game is, all the little stories you find off to the side, often not explained but obvious from the context. In addition to reading all the books, make sure you talk to everyone until they stop talking back, and use the heart on them till it repeats if you want the full story.

But here's what I suggest - play through once trying to sneak but just killing everyone when you mess up. Get the disappearing bodies skills and just blink, backstab, blink, or headshot with bolts. It'll go fairly fast, because if everyone's dead you can explore pretty quickly.

Now play again - kill nobody, don't get detected (ghosting). By this point your skills are good enough that you can slip through the levels with ease. You think killing every hostile on the level is badass? Having nobody even know you were there is so much more satisfying. And yes, they made it so you can play the entire game without killing anyone. The levels will take longer but you will feel so much more relaxed. You are now the ultimate Zen Assassin. Does a falling victim make a sound if it's not dead?

This game is the Thief 4 I've been waiting for.

P.S: I'm fairly sad that when they playtested the masquerade mission you mention none of the console players could figure it out without explicit directions on what to do, which is why the NPCs in that mission rub things in your face ('HEY MAYBE YOU SHOULD GO UPSTAIRS WINK WINK') even if you're a PC player. Oh well.

Though they don't deny that he said it.

Which it would be really easy to do, you know, if he hadn't actually said it.

Yeah, that's what Apple really needs to focus on. Getting people to breed more. We just don't have enough people.

Didn't MS say they were specifically going to rip out the bits of Win8 that let this work after it showed up for early builds?

And of course even if it still works, any time you try to run a 'optimized for Metro' app it'll still pop you into full screen. There's no escape.

At least name the poor thing.

I realize they don't want to name every single pebble they see, but perhaps they could make an exception for the first poor bugger they're going to blast with their nuclear powered lasers.

Instead of N165, perhaps... 'Julian Assange'.

What Chinese person is worth £227,785 to China unless they're party apparatchik? More like £10.

That's because there aren't nearly as many annoying prats on Google+ to poke you with self-absorbed updates.

Florida?

I assume the entire state of Florida is already in the 'area of outstanding natural stupidity' Hall of Fame.

Still the only state with its own Fark tag since the number of stupid and asinine news stories out of it rival all the other states combined.

It's a bit strange then that the number of crap Chinese coders I've had to work with vastly outnumbers (raw numbers or percentage-wise) any other nationality other than Indian. I've also worked with Russians, Ukranians, Poles, Ausies, Canadians, Brits, Irish, Scottish, German, French, Spanish, Yanks, even Mexicans.

But I'm willing to believe that if they're any good at all the Chinese govt immediately hires them to hack into NATO defense contractors and I never get to deal with them at all.

It's a trap!

That was my first thought as well. Now they can charge both you /and/ the app provider for the bandwidth.

Because there is no way in heck that AT&T would be doing this as a service to the user.

I Fell

I bailed when they started the ridiculous Real Names Only thing.

I understand they've since eased off on it, but too late now. Too dickly too soon, Eric.

Antenna diversity

Switching between two antennas for tx and rx based on signal strength is not a new thing - atheros 802.11a/g wifi has had it for years and years, and of course 802.11n does even more complex things with three antennas.

I'm not sure how common it is in cellphone radio chipsets, but there's no black magic here. You have two antennas oriented in different directions (and in this case maybe one has sweaty fingers all over it). Unless you have two completely receive/decode paths you check the backup antenna occasionally for signal strength and when it's consistently stronger than the main you switch to that as the main. There's a lot of finesse in your algorithm design (how often do you check the other channel, how much hysteresis, etc) but this is pretty standard.

And stands a pretty good chance of fixing the problem.