* Posts by Dave W

27 publicly visible posts • joined 7 Oct 2011

OnePlus Android mobes' clipboard app caught phoning home to China

Dave W

Re: Chinese version?

There's actually an explanation of sorts in the Reddit link AC posted above... Remembering firstly that Alibaba in China runa cloud service much like Amazon'a AWS in the Western world, one would assume these requests are being sent over https to an Alibaba instance owned by Oneplus.

From what I can see it's a cloud-based API which monitors the phone clipboard and obfuscates Taobao links by recognising and replacing them via a URL shortening service, bypassing the censorship used in the popular Wechat app.

Original explanation:

lambdaq 238 points 2 hours ago*

Chinese here.

Maybe I can provide some insight and background story

Here are the API request OP captured

http://bigdata.taobao.com/docs/api.htm?apiId=31578

https://open.alitrip.com/docs/api.htm?apiId=26657

So there are two Internet giants in China, Alibaba and Tencent

Tencent has this crap mega app pretending to be IM chat app, Wechat.

People share ebay links, oops, I am sorry, taobao links in Wechat

Wechat got jealous, the blocked all *.taobao.com *tmall.com links to "protect the customer from fraud"

But of course people love taobao & tmall because it's full of cheap shit and ppl think they can out smart scammers.

But anyway, two Internet giants, one blocking link to another.

The taobao guys invented some thing clever, they invented some kind of hash code, which is called 淘口令, which is some kind of token that uniquely link to a taobao/tmall SKU, so Wechat can not block arbitrary alphanumberic tokens, thus ppl can share the crap they bought on taobao, via Wechat

But after all, tere's the catch, how does Oneplus ROM has anything to do with this?

Well, the clever-ass part is they will match certain strings from your clipboard, send the token to taobao API, and restore the original SKU links.

That's it, that's why you will see strange URL requests going to Chinar IPs.

TL:DR Smart Clipboard trying to analyse your clipboard content by sending request to alibaba matching againt Taobao links.

Nationwide’s online banking goes down again

Dave W

Am I the only one that thinks the occasional planned weekend maintenance is perfectly fine even for a bank? This only affected telephone and online banking, ATMs and cards were still useable and customers were notified well in advance.

Surely it's the price we pay if a bank wants to invest in keeping their infrastructure modernised? Better that than the "if it aint broke dont touch it" approach favoured by banks towards the end of the 20th Century.

LinkedIn mass hack reveals ... yup, you're all still crap at passwords

Dave W

Tosh

There's also the argument that as LinkedIn is such a steaming pile of tosh, many people (myself included) use crap (weak) disposable passwords.

There's absolutely nothing of value in my LinkedIn account - just lots of people trying to connect with me so that they can try to sell me stuff, and the credentials I used are so weak that I wouldn't dare use them anywhere else.

OK Google? Firefox to nibble Chrome extensions from 2016

Dave W

Re: why do I stick with Firefox?

The Mozilla Foundation have always been the nice guys of the web, and I've used Firefox since the early 2000s (with fond memories of "Cookies are delicious delicacies" - in itself a hat-tip to Netscape).

I did have a spell where I moved to Chrome because everyone was telling me how much quicker and more efficient it was, but to be honest I noticed no difference whatsoever (benchmarks are rarely a true reflection of real-life usage scenarios) so moved back within a few weeks.

Call me paranoid if you like, but I'd rather use an independent browser than one run by a monolithic corporation such as Google, Microsoft or Apple, each of which have their own longer-term agendas.

The very fact we have such a choice is the important thing, and long may that choice continue to exist. away from the dark early days of the web with the massively dominant IE5/6 market share.

Google reveals OnHub WiFi router, complete with GLOWING RING

Dave W
Thumb Up

Good old El Reg

I made the mistake of reading about this device on a different tech news site this morning, that i shall euphamistically refer to as "Gammr" (which has recently been subject to a disastrous rebranding).

After their light and fluffy article with no technical content whatsoever put me in a bad mood about technical journalism, it was refreshing to come back to The Register and read this.

Thanks Darren Pauli for a much more informative article!

Geofencing: The ultra-low power frontier for the Internet of Things

Dave W

Re: " If I leave the stylus behind, the phone freaks out ..."

Indeed, I await the dawn of smart cutlery, where a fork can scream for help if (heaven forbid) it should be placed in the knife section of the cutlery drawer.

Elite: Dangerous 'billionaire' gamers are being 'antisocial', moan players

Dave W

No of course not.

But other IT rags published this story far more objectively, for example PC Gamer: http://www.pcgamer.com/frontier-investigating-elite-dangerous-exploiters/

Simon Sharwood's repeated negative (and in several cases factually incorrect) coverage of Elite Dangerous over the last sixteen days shows a journalistic standard unbecoming of the otherwise mighty fine Register and shows a level of bias and one-sided opinionistic crusading that I'd come to expect from the likes of the Daily Mail.

Sorry Simon, I would just much rather see you speak to Frontier directly and get more information straight from the horses mouth than post links to forum trolls below a picture of Scrooge McDuck.

Elite:Dangerous goes TITSUP

Dave W

Re: I'm not a programmer.

The "snapshot" idea is initially feasible, but would require some dev time that I (personally) would argue is better spent elsewhere.

The biggest issue with doing this however is in ongoing maintenence and expansion. ED is at present merely a foundation upon which Frontier are planning to grow (think how Eve Online has evolved over the past 10 years). Having to then back-port all of these changes into everybody's own unique offline version and check for potential issues/conflicts would slow development far too much.

I'm impatient for the multiplayer code improvements and the ability to walk around my ship (Eve:Incarna anyone?), so I'm against anything that gets in the way of this dev timeline.

Microsoft buys Minecraft for $2.5bn. Notch: I'm getting the block outta here

Dave W
Thumb Up

hehe

Far be it from me to question Microsoft's business dealings.

But they have just spent several billion pounds purchasing a player-base of millions... Who, get this, *already own the game*.

There is no way Microsoft can ever recoup this expenditure. Unless they plan to launch lawsuits against the dozens of Minecraft-alike games proliferating the market...

Oz couple get jiggy in pharmacy in 'banned' condom ad

Dave W

Re: "Come again!...."

*groan*... and upvote.

Coming soon to Twitter: Inboxes BULGING with DMs from world+dog

Dave W
IT Angle

SEO whoring?

And the relevance of the McCann affair to this story is?

Is our Reg Hack fumbling to include a tenuous link to a trending topic in order to artificially inflate their stories popularity?

Grand Theft Auto V: Violent, sweary and amazingly ambitious

Dave W

Re: "The presence of Michael, Franklin and Lester,"

You mean you haven't found how to unlock Lester Haines (http://www.theregister.co.uk/Author/29) as a playable character yet?

IRON MAN MUSK: Elon reveals Tony Stark-style 3D design smarts

Dave W

Robbie Rocket Pants

You will never believe the elation followed by disappointment that I felt when I realised I'd misread the opening paragraph and that it referenced rocket "parts" and not rocket "pants".

"Elon Musk has posted the video of his Iron-Man-esque 3D design process, where he makes rocket pants using a Leap Motion controller and a 3D printer."

Buy a household 3D printer, it'll pay for itself in months!

Dave W
Joke

In other news

In the year 2017, the bottom falls out of the 3D printer market when someone realises that you can use your second generation 3D printer to manufacture other 3D printers...

No fondleslabs please, says Microsoft as Office 365 hits Android

Dave W

US Only

Currently only available in US, with no official UK release date. It would have been nice if this was made a little clearer on the article.

BT unleashes SIP licensing troll army

Dave W

Re: How does this work?

Or indeed "Briton's". This is the place where we pedants hang out right?

SanDisk cops to malfunctioning Micro SDs in Galaxy S3s

Dave W
Thumb Up

Re: RMA policy

I can confirm that after speaking to Amazon through the "web chat" service they are happy to refund and will even pre-pay the return shipping. They couldn't replace it as the card was temporarily out of stock (but available for a couple of pounds more from a marketplace seller). As a result, they've also issued me with credit for the difference so I'm not out of pocket if I choose to re-purchase.

Now that's customer service.

Dave W

Re: RMA policy

Thanks for that. I've actually tried exactly that, but the retailer in question is Amazon - and I can find no way to return an item after 30 days, their help pages just refer me to the manufacturer for returns outside of this period.

Dave W

RMA policy

I'm currently trying to get RMAs for two 32GB Sandisk Ultra Class10 cards that have had this exact issue in Galaxy S3 i9300s.

Worth noting that Sandisk's RMA policy states: "Please note that replacing your product with us requires you to send it to our facilities in the Czech Republic at your own expense." and "you should expect a turnaround time of between 2 and 4 weeks."

"International signed for" comes out at £7.36. Still better than a replacement card (£20) but it would have been nice if I could have sent it to a UK distributor.

SimCity owners get free game, EA will get A NEW CEO

Dave W
Thumb Up

9 out of 10 Llamas refused to comment

So am I the only one who actually likes the game and hasn't had any problems playing after the first few days? Though I am looking forward to the traffic routing improvements.

My dislike of EA runs deep, for many reasons (thanks for ruining Mass Effect 3 guys); but Maxis have made a very good game here! I'm quite happy spending my evening browsing El Reg while my city sims away in windowed mode on my other monitor. £30 well spent for me, considering £30 doesn't really buy you much (it's not even a night out).

Ten affordable mid-sized Full HD monitors

Dave W
Flame

Scores

So five monitors share equal first place at 85%.

Five more monitors share equal sixth place at 80%.

Is the competition really that close?

I'm no closer to being able to chose my new monitor now than I was 20 minutes ago.

I'm sorry El Reg, I'm not a habitual flamer; but please give me more specs and numbers. Tell me how many dvi/rgb/dp connectors the screen has, also please give me a review score that doesn't end in a zero or a five.

Finally, the BenQ XL2420T gets 85% at £290 - also the AOC i2353Fh gets 85% at £130. Is the BenQ really more than twice as good in order to justify the price? Is it really so impossible to pick between these two that on a scale of one to 100, they both get exactly the same marks?

Dropbox joins the security two-step party

Dave W

Clarification

From the article: "In July, the company pledged to the move after a bunch of its customers had their accounts hijacked and used to send vast quantities of spam for gambling websites"

Is this correct? I understood it was merely a spreadsheet containing a list of customer email addresses which was leaked from within an employee's Dropbox.

Dropbox brings in crack team to probe spam leakage

Dave W

Full content including headers posted to pastebin

Postified:

http://pastebin.com/TG651duJ

Raspberry Pi safe and warm in TINY Lego fortress

Dave W
Thumb Up

One of the big benefits of the Pi is that the SoC (BCM2835) consumes only 1.5W. Even in completely sealed enclosures, it's difficult to get it to exceed 45C, partly because the board itself acts as a giant passive heatsink. A quick Google suggests the melting point of ABS plastic (such as that used in Lego bricks) is around 105C. I'd suggest that the holes left in the enclosure for connectors to poke through would provide more than adequate passive airflow.

I've just spent the last 5 minutes researching and justifying the use of Lego as a system enclosure. See, IT can be fun.

comp ended

Dave W
Thumb Up

Re: I'm not normally one for competitions... but

Indeed.

It's Mrs W's birthday next month. I f I were to win one of these, that's her present sorted and I can spend her birthday fund on Plex for Eve Online :)

DW.

El Reg in email address blunder

Dave W

This is becoming an increasingly common occurrence across the globe, and you can bet for every time you hear about such a mistake, there are a few dozen data security breaches which are covered up.

46,500 people affected pales into insignificance alongside the size of breaches by the NHS and local council authorities for example which often run into the millions of records.

<exaggeration warning>Chances are, if you've been alive for more than a week then some of your data's probably been leaked somewhere. More than once.</exaggeration warning>

So, fresh perspective, your name isn't sensitive information. Chances are your email address isn't all that sensitive either (are they both on your business card? You've never lost one of these incredibly sensitive wallet-sized documents, or handed one to someone you don't know right?)

If it was financial or medical details I'd be livid, but with a sense of perspective it's not all that bad.

At least the senders of junk mail might start spelling my name right now. And if they know I've got an interest in IT it might even be well-targeted spam. Exciting.

Lightsabres to illuminate Christmas dinner

Dave W
Headmaster

Spelling?

Lightsabre or lightsaber? Because these things are important to my innre pedant.