Smishing = SMS Phishing?
Who on earth comes up with these ghastly smashed-together words.
Some sort of complete Funt, presumably.
169 posts • joined 13 Dec 2011
I appreciate that it might not be a good idea, but I certainly do not understand the implementation or the mechanisms involved.
Let me elaborate:
I had assumed that the passwords are not in some text file that any new browser can pick-up and incorporate.
The favourites possibly are in just such a file, OK maybe XML, and would be imported only upon my agreement when installing a new browser.
Chrome has me signed into gmail already, and I presume there is a cryptographic protocol, beyond HTTPS, that allows me to download emails only to Chrome that is signed-in, maybe a session key or something.
So, this - or better, another key - should be used for passwords also. They are either sent by google (best) or stored in an encrypted file locally (worst), and only decrypted the moment they are to be used. Only then is the clear text available - and possibly visible to the OS, which could be compromised, or to memory-inspecting malware, or malware that intercepts pre-HTTPS command stream.
These should not be visible to the new browser, to be pasted-in to the relevant fields, other than by following a similar protocol, basically being Chrome in a shiny wrapper.
Please could someone explain how my supposedly secret password list within Chrome, gets carried across to a MS program?
I don't really go for the last word in security, but I would like to keep the OS and its ginormous attack surface, away from passwords and away from gmail. Defence in depth is the idea, though maybe it's more like width, in this case.
The number of updates needed on Windows is witness to the complexity and scale of its attack surface, Chrome is a lot smaller even though it faces the whole internet.
I can't imagine google hands all my passwords over to MS, so, is it that there is google-controlled and secured chrome in a windowsy shitflake-sprinkled wrapper?
Why not just use Chrome then?
Why on earth do MS think that they have some sort of right to even attempt this in the first place?
Automatically installing security updates is bad enough, when it just chucks your work in the bin. It's worse now you get updates on the whim of some bling-obsessed marketroid, to 'get you there' with the latest shit functionality. For instance a snip tool that puts a lovely fucking red border round your screenscrape - and informs you it won't work for long as it's "moving"?
So, erm, does anyone know how this works and who then I need to trust to keep it secure?
Many thanks to Anon, for throwing light on the topic. I'm not sure where to place £lon Musk, (lucky typo there, I'll keep it...) - he's very clever, yes manic, a born maverick, but has a downside also.
I'm inclined to give him the benefit of the doubt - and allow some "artistic license" - as we allow great artists, performers, inventors to be a bit different in their habits, because they are valuable outliers. Talent, is the word, it's rare and never perfect in all regards.
He has a condition, we understand that, and is given to outbursts and petty disputes. I can see that the stress of fatherhood presses against that, it is an open and undefined set of new constraints.
Just coming up with the "name?" has obviously done him in, somewhat.
In another form of judgement, the fact that the balance of genius and maverick has made him very successful puts him on the right side, the market has judged in his favour.
I think it is more contrast, than compare, with Toddler-in-Chief, TICOTUS - who has made millions only by virtue of starting with billions. The market judges that one to be neither use nor ornament.
There is no genius there.
Is there an "understatement of the week" prize?
Oh the joy of the challenge, to somehow encapsulate all the frustration, annoyance, anger that MS continues to deliver, into one phrase.
Shitflake sprinklers comes to mind, an unkind reference to the absurd and entirely juvenile re-modelling of Excel and Word, with thousands of choices of "sprinkles" - different styles each more ghastly and lurid - reminiscent of the cultural imposition of chemical flavouring "shots" and said shitflake adornments by the big-name coffee shops.
Perhaps their other superpowers ought to get a mention, "Processor heating engineers", "Renowned cycle stealers" - even as I speak, their "MS Teams" is busy consuming 50% of my 5000 MIPS - testing some poor register bit to beyond death - in order to find out whether I've offered call quality feedback yet, or not. How can starving children program that badly?
Oh, and the whole "you said you didn't want your room tidied, so I did it when you weren't looking, and all your stuff is in the garden" approach to updates - which combines all their previous skills, the fatuous functionality, hogging the processor till you submit to their will, and adds deliberately breaking autosave - which now only works if you store onto MS cloud, rather than disk - and deliberately deleting or hiding documents you were working on.
Maybe "productivity assassins", "teletype tinkerers" - given that most of it is tinkerage now, Excel 2003 was the high point, and the teletype is nearly as old - and it's what they started on.
I don't know, maybe they should also be lambasted for the cringing "world" adverts, making shit office software and pretending it's saving the world? - "Teletype visionaries" - any sort of mash-up of the above?
Have to agree with Reg though, it's best sorted out over a long lunch.
I'm hoping that the judgement might be challenged by logic, on the basis that "could I just be a highly skilled employee" is a one-way function.
Consultants are human, employees are human, so any position could be filled with either a skilled employee, or a consultant, therefore all consultants are employees. To argue otherwise requires you to be superhuman.
Both sides are wanting a differentiator.
Genuine consultants don't want their honest status to be subverted by artificial avoidance, like the train drivers (no harm to them they were forced into it) - who woke up to find they were independent train driving consultants.
HMRC would find their life a lot easier if they could make a fair differentiation that everyone can accept. We all would - can we define terms that declare with certainty whether one should be taxed by method A or method B?
Germany puts emphasis on working for more than one client within any given year - even if it's only 5% (my supposition). Also not having a fixed desk, a client business card, and a few other distinguishing terms HMRC could look to adopt.
My differentiators would be "cross-pollination" and "short-lived expertise".
Cross-pollination is a critical concept to the "value", in GDP terms, of the consultant/contractor market. Given the relatively slow flow rates of permanent employees between companies, the adoption of "best practice" can be, is, impeded.
Consultants accelerate this process. In my line of work, the rigour of automotive design and production is greatly welcomed in the new medical fields, it's a carry-across of familiar know-how. It's not in any way a "stealing" of one company's IP into another's.
Conversely, the medical "life and limb" safety requirements and methodologies feed well into automotive ASIL ratings - the approaches, methodologies, burdens of proof.
So, a prototype "cross pollination" metric might ask if you are engaged for your general problem-solving ability, as could be met by a highly skilled employee, or for your experience and know-how.
Note that know-how is the third leg of IP:
Copyright, Patent and Know-how.
Some companies [RR] choose not to patent what they have discovered because patents only last 15-17 years and rely on full disclosure.
Short-term expertise covers the ASIC design phase, most companies that benefit greatly from custom silicon ASIC design, need it only once. The experts involved move on, it is a lesser task to manage the various implementations of the working ASIC.
It is a very much harder task, and therefore more valuable, to make ASICs that work.
If that is your skill, a permanent employment will not exercise it to the full.
By a similar token, contracting allows all highly skilled individuals to focus on their best skills, it is an imperative that one should strive to employ one's finest skills to the greater benefit of commerce and society.
I don't think that booby-trapping the entire workspace with ad-hoc factors and weights, undefined till in court, is any way to proceed with regard to harnessing the innate talent of the British to invent and consolidate said invention.
The sad truth is that marijuana is a lot safer in prisons than the legal highs they've all taken to recently.
I guess the "legal" stuff doesn't show up in tests that affect your parole and privileges.
But then you might end up mad or brain damaged, no-one knows.
If they can make an exception to the non-smoking rule for prisons, why not dope also, would calm things down, offer time for reflection, take the cartels with their punishment beatings out of system, all good things.
Oh yeah, but half of them are in there for that in the first place.
(actually 4000 for all drug offences in 85000 total)
The fines are just part of trying to sell into America, everyone gets clobbered at some point.
In a very big wide open space like America, I think NOx emissions are an excellent means of creating bio-available Nitrogen. Did you know that over half of the world's biomass is down to humans working out how to fix Nitrogen?
I don't see why there's all this nonsense about NOx, makes me laugh it does.
I may be paranoid, but I see this as a perfect single point of leverage to get the US and EU patent systems "aligned".
From that point on we can expect a lot of money to go to America, and for innovation to be relentlessly trolled with heavy lawsuits, most of which will be settled with a cross-license deal, i.e. borged.
In this aspect, breaking it up is the only safe way forward.
1) Herd all the European Patent Law into one stadium
2) Make it drink the Kool-Aid
3) Bring the EU and US systems "into line"
4) Increase the patent lifetime to 75 years
Makes 30 Trillion look like chickenshit.
- basically, in the new lawyer-driven world, IP rights are a good means to tax the rest of the planet, or at least all those with a trading relationship with the USA. They prefer their patents to be granted freely, more IP to threaten others with, they don't even need to be original FFS, whereas ours do.
They spent countless money and lives on securing the last of the oil, what do you do when the oil runs out? - increase the patent lifetime and draw royalties from everyone and everything.
1) these databases get either hacked, or worse, sold.
Look at the oopsy-daisy wherein our NHS records in their entirety were passed to a trusted partner, unencrypted, on a USB stick. Parliament committee scolded the relevant tossers, but you can't get the shit back into the donkey.
Look also at the sale of DVLC records of your choice at £2.50 a pop - targeting posh car marques and fining them £100, mostly they just got the secretary to pay up. This was private data you were/are compelled to hand over.
2) cost of prosecution is our only defence against unworthy law
With costs involved, only the most serious laws get enforced, look at speeding for one instance, it used to be an occasional thing requiring active pursuit for 2/3 of a mile with lights flashing. Now it is easy to leave it permanently switched on. - Don't give me the "idiot tax" arguments, it is a minor transgression in most instances and not a great safety concern, statistically. Besides, first they came for the speeders..
Look at poll tax non-payment for another example, kangaroo courts prosecuting non-payers at 20 per hour. This made any legitimate rebellion, if there is such a thing in today's newspeak, impossible.
3) Finally, I would like the opportunity, as a responsible citizen, providing I do no intentional harm to others, the right to do whatever the fuck I like in private, with consenting adults of my choice. This may include unwise or immoral or simply depraved activities, not least of which might be the consumption of illicit substances.
How long before our self-appointed moral guardians work out that the casual drugs distribution chain shows up easily in this data, and can therefore be halted at very little cost?
For god's sake, we're human and have been doing this sort of thing since before the stone age.
Unlike the chinless cousin-fucking aliens that run our country.
Imagine a world where the first opamp, the 709, could not be functionally copied, and improved versions made that slot into the original socket. Where would we be if the microprocessor stopped at the 8080? If any other manufacturer can replicate the function, but without reverse engineering the actual chip, then that is legal and beneficial to all - except those who would prefer a lifetime monopoly. It's a shame since FTDI do make some newer parts (EVE) and these are every bit as ground-breaking as the '232. Come on guys, you've had a good run with this, let it go, and realise that copying the VID is no worse than copying a regular opamp pinout.
As ever, an interesting piece Mr. Worstall.
What do you think of the other members of the "dream team" of economists? Surely you must be appreciative that someone, anyone, in politics is thoughtful enough to seek advice from your lot, and thus to avoid so many of the obvious pitfalls. (My opinion, fwiw is that the law of unintended consequences can betray them, but I can't tell you how.)
Back on topic, sure governments are hopeless innovators, look at the technology in Brazil, the film, for inadmissible evidence.
I don't think we're even below-par on innovation - kickstarter, self-publishing, crowdfunding et al have changed the innovation landscape far more than Corbyn ever will, for the better that is.
He might want to address some more fundamental issues, like how to propel young bright minds out of education-debt and into housing, before they're 30 and the edge has been ground off them.
On that topic, do you have any suggestions as to how we might deflate the property market so it stops being a monster investment for those offshore and starts to serve those who need it?
To what extent was it "cheating" is what I'd like to know.
It would be reasonable to save the finite supply of urea liquid for the times when the engine emits most NOx, under heavy acceleration (i.e. driver demand, pedal position) and possibly also at lower revs. Similarly one might wait till the engine is warm otherwise the urea won't turn to gas within the exhaust and would be wasted. There is plausible denial so far, I would say.
If it measures actual rpm profiles and acts only on those that are a few percent within the standard test profiles, then that is definitely "test detection". Similarly again, if there is a flag set for "test" conditions, and this remains set for some time, possibly the whole ignition cycle after a "cadence detection" of some sort, then sure, they're busted.
Where was it, actually, between these two levels?
Reg readers need to know.
"the most complex superconductor integrated circuits ever successfully yielded"
Yielded? - did they break it in half or something?
Oh, and it's "integrated circuit" not circuits.
Let's hope it's clever enough to teach the ignorant bastards some grammar.
Or just try playing "Defender" at all...
I still love it, far more than anything since. It wants your money, not your time, so it's bastard hard. I'm not even that good, 20k is about my maximum, but that won't stop me hacking a £3 keyboard to make another "proper" controls board.
The history of Defender is quite interesting, a solo programmer, eight or nine buttons, it was nearly chucked out for being too complex.
"DAB only gets away with it due to digital error correction."
That would make it less susceptible then, wouldn't it?
Actually it is a little more complicated than that, and more interesting...
DAB runs at 1.6Mbps for the whole "ensemble", if it used a single high data rate carrier, the echoes or multipath signals would collide with unrelated signal, destroying the data.
Instead it uses COFDM, where the spectrum is split into 1536 separate carriers all modulated at a much lower rate, much like keying out morse on every note of a piano. The integration time for each channel then allows for long echoes, the delayed signal is still "on the same bit" as the direct signal - as long as the echo is less than 60km or so, and beyond that it is simply weak.
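The multipath tolerance described in the post above, as an added example that is not part of the original post: a scaled-down OFDM link over a direct path plus one echo, showing that an echo shorter than the guard interval only rotates each carrier, while a longer one drags in the previous symbol. The cyclic-prefix guard, the 64-carrier size, the echo gain and all function names are assumptions for illustration; the 60 km figure is the post's.

```python
import cmath
import random

N_CARRIERS = 64   # assumption: scaled down from the 1536 carriers in the post
GUARD = 16        # assumption: guard interval in samples, sent as a cyclic prefix
ECHO_GAIN = 0.5   # constructed: echo amplitude relative to the direct path
C_KM_PER_S = 299_792.458


def idft(freq):
    """Carrier values -> time samples for one symbol."""
    n = len(freq)
    return [sum(freq[k] * cmath.exp(2j * cmath.pi * k * t / n) for k in range(n)) / n
            for t in range(n)]


def dft(time):
    """Time samples -> carrier values for one symbol."""
    n = len(time)
    return [sum(time[t] * cmath.exp(-2j * cmath.pi * k * t / n) for t in range(n))
            for k in range(n)]


def modulate(blocks):
    """Each block of carrier values becomes guard (copy of the tail) + body."""
    signal = []
    for block in blocks:
        body = idft(block)
        signal.extend(body[-GUARD:] + body)
    return signal


def two_path_channel(signal, delay):
    """Direct path plus one echo arriving `delay` samples late."""
    return [s + (ECHO_GAIN * signal[i - delay] if i >= delay else 0)
            for i, s in enumerate(signal)]


def demodulate(received, n_blocks, delay):
    """Drop the guard, transform, undo the per-carrier gain of the two-path channel.

    The receiver is handed the echo delay here; a real receiver has to estimate it.
    """
    gains = [1 + ECHO_GAIN * cmath.exp(-2j * cmath.pi * k * delay / N_CARRIERS)
             for k in range(N_CARRIERS)]
    out = []
    for b in range(n_blocks):
        start = b * (N_CARRIERS + GUARD) + GUARD
        spectrum = dft(received[start:start + N_CARRIERS])
        out.append([y / h for y, h in zip(spectrum, gains)])
    return out


def worst_error(delay, n_blocks=4, seed=7):
    """Largest distance between sent and recovered QPSK points, skipping block 0."""
    rng = random.Random(seed)  # constructed sample data
    blocks = [[complex(rng.choice((-1, 1)), rng.choice((-1, 1)))
               for _ in range(N_CARRIERS)] for _ in range(n_blocks)]
    received = two_path_channel(modulate(blocks), delay)
    recovered = demodulate(received, n_blocks, delay)
    return max(abs(r - s)
               for b in range(1, n_blocks)
               for r, s in zip(recovered[b], blocks[b]))


def extra_path_delay_us(path_km):
    """Echo delay, in microseconds, for a given extra path length."""
    return path_km / C_KM_PER_S * 1e6


if __name__ == "__main__":
    for d in (0, GUARD // 2, GUARD, GUARD + 16):
        print(f"echo delay {d:2d} samples -> worst carrier error {worst_error(d):.2e}")
    print(f"60 km of extra path = {extra_path_delay_us(60.0):.1f} us of echo delay")
```
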
Ah, Mr. Bryant, rather noted for your bellicose argument aren't you...?
You detail well the evils that are in this criminal supply chain, and we can agree that they are not desirable. I don't take the point that Silk Road supplies just to the local dealer, it supplies to the end-user as far as I am aware, through anonymity and smallness of quantity. Larger quantities through the post offer no reduction of risk to the local dealer, so he would be better off buying from his existing sources.
It's early days yet, and Silk road does allow one to buy direct from a cheerful peasant, though like eBay, it might be a while till this develops the critical mass it needs. I don't see any point in going back through 50 years of history to understand a phenomenon that is at most 5 years old, and still in development.
I was rather making the point that drug use is a personal moral standpoint, as is prohibition, and historically - if you wish - prohibition tends to lose out, witness alcohol, prostitution, homosexuality, race inequality, weed...
Silk road sounds to me like a perfect antidote to all the evils of a criminal supply chain.
People are always going to take illicit substances, it is the single unifying factor of all human cultures ancient and present. Therefore why not let them, in small quantities, do what they like? It's a "consenting adults in private" argument.
Are the authorities worried that this new phenomenon could achieve most of the goals of their 30-year war, but at no cost to the taxpayer?
This moral authority thing, being able to tell others what they can and cannot do according to one's own moral judgement, it's a pernicious little bugger isn't it?
I've worked on Tetra handsets, it's a good standard, does all the weird stuff the emergency services want, like mini basestations, walkie-talkie etc. Given that it was replacing analogue narrowband comms it had to use a very narrow bandwidth, so would never do video streaming. Tetra+ was an attempt to increase BW by using fancy 64QAM (or somesuch), but was never really going to work outside the lab.
So why not simply couple it to a GSM/3G/4G whatever phone, which duplicates the comms both for archiving and for diversity (fail-over to non-Tetra) - and allows SMS and multimedia when available.
Indeed, why not use 2 batteries 2 mics 2 speakers, like sellotaping together a Nokia and an existing Tetra handset.
If they have evidence of planned murder, surely this is a more important charge to press against him? Certainly my concept of what the police are there to do, would be to sort out murderers first, and facilitators of drug sales, erm about four hundred and thirty second.
Gödel's provability theorem can possibly lead to a test as to whether the mind is quantum, but it is one approach only, and based on nothing but abstract argument.
The 1998 paper from Penrose and Hameroff had some real physical mechanisms and predictions in there*. What I liked best about Penrose is that he starts by acknowledging that the brain "behaves like" a quantum computer, leading to the suspicion that it might be...
I can't possibly do justice to the material starred below, in this post, so I just recommend a look for those interested. I'll leave you with a recent quote from Hameroff
After 20 years of skeptical criticism, "the evidence now clearly supports Orch OR," continue Hameroff and Penrose. "Our new paper updates the evidence, clarifies Orch OR quantum bits, or "qubits," as helical pathways in microtubule lattices, rebuts critics, and reviews 20 testable predictions of Orch OR published in 1998 – of these, six are confirmed and none refuted."
I've just gone through this whole process with a "clone" device, from a reputable supplier.
Firstly, I don't see how it is illegal to "white room" copy an existing part, like the very popular FTD232, if the Chinese or whoever have replicated the function without copying the silicon, then, isn't that what AMD did to Intel, legitimately? This chip is the new "MAX232" - of course it will be replicated.
Incidentally I hugely respect FTDI - have a look at their new "Eve" concept, turns a dumb graphics display into a sort of HTML terminal, so small micro's can drive big displays without tons of gfx and fonts type of codebase.
Secondly, I'm not sure the new FTDI driver actually writes zero into the PID of the clone parts, I think they come with zero as the PID, but I could be wrong. My understanding is that the new drivers will recognise only parts with VID=0403 and PID = 6001, 6010, 6011. It will "fail to install properly" - because it has not been explicitly instructed to work with "0000" parts.
I would post some of the code from the *.inf files, but the T's and C's are highly restrictive. In fact it is the agreement you sign up to when installing the drivers that carries most of the poison, you are not allowed to modify the software in any way, etc etc.
I can understand they don't want their efforts in making and maintaining the drivers to benefit their competitors, but they're protecting a carcass, there's no more meat on the USB-UART thing, best move on, and btw everyone's coming round to this open-source thing these days.
Before launching into the Physics, how can I upvote the strapline?
How many .. to change a light bulb, I LOVE it.
As is mentioned above, blue light needs more energy per photon. GaAs was used for red LEDs originally, and alloying it with Indium and Gallium in various ratios causes the bandgap of the material to increase and therefore we can reach yellow then yellow/green, and these days, pure green - of the sort one can hold in one's own mortal hand.
For Blue we need to find a material with more bandgap than GaAs, InGaAs, InGaAsP, InGaAlAsP and all that lot - you can see that the choice of material variants has grown, testament to the work that has been put into this market.
GaN and SiC are both contenders, early blue LEDs used SiC but the brightness is limited, it is an indirect band-gap material - a phonon is needed to carry away some excess momentum when the photon is emitted, reducing the probability of emission and wasting some energy.
Both SiC and GaN are exceedingly hard to grow in pure form, being riddled with screw dislocations, threading dislocations, foreign atom inclusions and many more nasties. GaN is the worst, we need defects per cm² of a few hundred, typical bulk materials have 10^6 to 10^9.
To solve this we need to grow thin layers on a substrate that we can make decent crystals of, like sapphire (Al2O3) or SiC or even GaAs. The substrate order will force the thin layer to be defect-free. Unfortunately all the substrates have a different lattice constant, the mismatch needs to be accommodated somehow through interposing layers.
It is in this area where the Nobel Laureates excelled, Akasaki and Amano used sapphire with a buffer layer of AlN, whilst Nakamura found a way to grow GaN starting at low temperature then increasing the deposition temperature, spreading the strain across some distance.
It is all to do with the temperatures and gas compositions, including different dopants - and finally the sequencing to build crystalline thin layers that can cool down from the forming temperature (800-1400°C) to room temperature without shattering.
Since then there have been many more developments, like quantum dots, plasmonic resonators - and all sorts of means to get the light out of the crystal, but these are not part of the prize-winning research.
It's bloody hard to make quality sapphire in these sorts of quantities, if you look at today's prices the screens would cost well over $100. GT were banking on getting lots of things working all at once - jumping from 90kg "boules" to 180kg. Growing the crystals in the preferred "c" axis so that regular longitudinal slices can be used, like in silicon - rather than having to saw it into planks like a tree. I'm sure they will get there, but not while being kicked all the way down the road. Chapter 11 might do them a lot of good, I hope they make it work because super-quality LEDs and plenty of other stuff relies on high quality sapphire substrates.
Remember all the user data that Redmond said went into crafting the Office Ribbon UI? Where do you suppose it came from?
I thought they'd plucked it out of their arses. Seriously.
Word and Excel were excellent programs till the ribbon, an exemplary implementation of Pink Floyd's "I've got thirteen channels of shit on the T.V. to choose from"
For neo-luddites wanting the authentic 2003 functionality, there is a lovely new toolbar you can install, called Ubitmenu - which looks like another ribbon tab but it's all you need. It's free for domestic use and about a fiver otherwise, and as usual be careful on the install as you won't want any other crap they might try and install with it.
I didn't get much of a handle on the case from the brief article. Here for all is the core of the judgement:
U.S. Patent No. RE37,802 "deals with the field of multiple access communications using spread spectrum modulation," according to the U.S. Patent and Trademark Office.
Wi-Lan claimed in a 2011 lawsuit that Apple infringed on its '802 patent "by using certain industry standards in the field of wireless technology."
A jury found in October 2013 that Apple was not infringing and that claims 1 and 10 of Wi-Lan's patent are invalid. The patent has 40 total claims.
U.S. District Judge Rodney Gilstrap vacated part of that unanimous verdict Thursday, saying the invalidity finding was not based on enough evidence.
"The court is unable to find that the jury's finding as to invalidity of claims 1 and 10 of the '802 patent is supported by substantial evidence," Gilstrap wrote. "Accordingly, the jury's invalidity verdict cannot stand."
Apple needed "to prove invalidity by clear and convincing evidence" but "no evidence was presented of complex multipliers in the prior art," the 16-page opinion states.
Claim one of Wi-Lan's patent describes "a transceiver for transmitting a first stream of data symbols," and claim 10 explains "means for receiving a sequence of modulated data symbols."
Though Gilstrap vacated the judgment as to the validity of claims 1 and 10, he denied all other aspects of Wi-Lan's motion for judgment as a matter of law.
The actual patent is very interesting, to me it looks like a reasonable invention. However, it is in fact a 1998 submission that attempts to claim a 1992 priority date, and in true submarine fashion, only surfaced in 2002. Of course by this time similar developments of comms theory were already in operation and included within international standards. Whether these "working" systems actually use the means described, whether these means actually work in practice, or whether better methods have been found, I don't know. I'll have a look if there is some interest. It would be a good case to look at.
Dyson Airblade hand-dryer
Sounds better in a Glaswegian accent
"how's the earbleed technology getting on"
Seriously I've never heard anything quite as loud, especially in the high frequencies, it's easy for the hands to operate as whistles well into the 10s of kHz. It sounds to me a lot more damaging than the live performance SPL limits.
You should bother to do the "math" - look at my post earlier, the "8MeV per Oxygen atom" sure does add up, it's the cost in energy terms of breaking it back down into protons.
It's worse even than my first calculations - there are 16 nucleons in Oxygen, so it's 128MeV per atom - and if you do break it down into Hydrogen, what do you do with all the neutrons?
Somebody's dropped a minus sign....
This is worse than filing the corners off 50p's to get 10p's.
The binding energy per nucleon in Oxygen is 8MeV, for Hydrogen it is zero.
So, per gram of oxygen, or of hydrogen, you need 8M x e x Ea = 7.68 x 10^11 Joules
- or about 200kWh per gram, in money terms (at 10p per unit) £21,000.
The economics are, take 200kg of water plus 4 billion quid and you have 200kg of Hydrogen to sell.
I've had a fair bit to do with "infotainment" systems. The vehicle manufacturers don't really get hackability, even simple measures like reducing the attack surface are rejected in favour of functionality. One project demanded compatibility with over 60 varieties of photo/AV/container formats. Another response is simply "what can they do with it anyway", as though it would stop at mere annoyance. If there is a way to hack into the system there will be ways to monetise it, we just haven't seen them yet, though I could suggest ransomware, bogus service demands, premium phone services, contagion into connected smartphones, just as a kick-off.
As Charlie Cox would say, it's a nightmare in a bubble-car.
The entire UK population's stolen "medical records" are being offered for sale. The management team of the rebranded National Health and Information Service has confirmed the theft of files and warned that neither the purchase nor publication of the documents would provoke a criminal complaint or a lawsuit.
Biting the hand that feeds IT © 1998–2020