* Posts by Mother Hubbard

54 publicly visible posts • joined 20 Jun 2007

Page:

The enemy of my enemy is my, well, temporary ally: Apple and Microsoft in pact against Google

Mother Hubbard
WTF?

Re: Bing on Mac's

I actually thought they were competitors .. isn't Microsoft a phone company now?

Microsoft to Australian government: our kit has no back doors

Mother Hubbard

Re: No need for a back door

Microsoft agreed with the above cited (thanks Vimes) legal opinion, in Europe;

EU cloud data can be secretly accessed by US authorities

US-owned companies bound by Patriot Act, says Microsoft

4th July 2011

http://www.theregister.co.uk/2011/07/04/eu_customer_cloud_data_may_be_handed_over_by_microsoft/

[...]

Microsoft is set to launch a new cloud service next week. It said it will allocate its customers a region where their information will be physically stored, but said it could not guarantee that it would tell EU customers' details if US authorities sought access to their data.

"In a limited number of circumstances, Microsoft may need to disclose data without your prior consent, including as needed to satisfy legal requirements, or to protect the rights or property of Microsoft or others (including the enforcement of agreements or policies governing the use of the service)," Microsoft said in its online data storage services' privacy policy.

"As a general rule, customer data will not be transferred to data centers outside that region," Microsoft said in an explanation about geographic boundaries for its new service.

"There are, however, some limited circumstances where customer data might be accessed by Microsoft personnel or subcontractors from outside the specified region (eg, for technical support, troubleshooting, or in response to a valid legal subpoena)," the explanation said.

[...]

Mother Hubbard

Re: Do people have no memories at all?

Meanwhile, 15 years ago ..

The long, strong arm of the NSA (July 27, 1998)

http://edition.cnn.com/TECH/computing/9807/27/security.idg/

FORT MEADE, Maryland (IDG) -- Back in the days of the cold war, Washington insiders used to joke that NSA stood for "No Such Agency." The government denied the very existence of this group, which is dedicated to intercepting and decoding foreign communications.

That was then. Today the National Security Agency is well known, and spends a lot of time leaning on software, switch and router vendors, pushing them to re-tool their products. The agency's goal: to ensure that the government has access to encrypted data.

[...]

It's gotten to the point where no vendor hip to the NSA's power will even start building products without checking in with Fort Meade first. This includes even that supposed ruler of the software universe, Microsoft Corp. "It's inevitable that you design products with specific [encryption] algorithms and key lengths in mind," said Ira Rubenstein, Microsoft attorney and a top lieutenant to Bill Gates. By his own account, Rubenstein acts as a "filter" between the NSA and Microsoft's design teams in Redmond, Wash. "Any time that you're developing a new product, you will be working closely with the NSA," he noted.

[…]

Chinese building orbital lab by 2023 to make 'space medicine'

Mother Hubbard

Re: Research? Better get the launch costs down first...

>> It's going to be a research centre? Not until the PRC can get seat prices way, way down & seat availability way, way up...

This isn't the 60's - aside an abundance of existing research and experimental results and the average first world citizen carrying a full scale NASA supercomputer in his/her pocket, there are now even commercial operators in this market; http://www.virgingalactic.com/booking/

Just take a look at the cost of computing over time; http://www.britannica.com/blogs/2010/04/computers-just-keep-getting-cheaper-and-better-and-we-should-eagerly-await-the-days-ahead/

30 years on: The day a computer glitch nearly caused World War III

Mother Hubbard

Don't fret

>> Nuclear winter would block out much of the world's sunlight, which coupled with the lack of machinery, fertilizers, and pesticides, (as well as radioactive topsoil) would have led to mass starvation.

We'll get there, we just chose the scenic route.

Bill Gates: Yes, Ctrl-Alt-Del salute was a MISTAKE

Mother Hubbard
Boffin

Re: Confused - it's a security thang

> From what very little I understand, I don't see why it was not adopted by linux.

By default - in a Desktop mode it does - brings up a log-out screen while you're in a session. But it can be anything you want it to be (http://www.ghacks.net/2009/06/09/linux-tips-modify-ctrl-alt-del-behavior/).

For DOS-like brilliance you can either create /etc/event.d/control-alt-delete with this content (exec /sbin/shutdown -r now "Control-Alt-Delete pressed") or add the following content to /etc/inittab (ca:12345:ctrlaltdel:/sbin/shutdown -r now "Control-Alt-Delete pressed").

For Windows-like brilliance you can assign the key binding using Metacity or Compiz to bring up the system monitor (gnome-system-monitor) like in this example (http://www.webupd8.org/2009/09/change-ctrl-alt-delete-behavior-to-open.html) or take the desktop session back to the login screen (logout-gnome="gnome-session-save --force-logout") via this example (http://askubuntu.com/questions/15795/how-can-you-log-out-via-the-terminal)

Linux's true equivalent is Alt-SysReq-Func; http://en.wikipedia.org/wiki/Control-Alt-Delete

A Tapestry of network complexity

Mother Hubbard
Terminator

>> The equation (below as an image) is a statistical expression of the size of sub-communities in the network, based on the statistical concept of the H-index.

Bloody genius!

So now we can standardise the X-axis complexity milestones - from lowest to highest complexity;

- Home / Small Office

- LAN Party

- Telco

- Homogeneous global enterprise (Facebook / Amazon / Google / Twitter / Salesforce)

- Legacy global enterprise (IBM / HP / Microsoft)

- Any Data Centre more than 30 years old (National Governments, Universities, Hospitals)

- HAL

- Orac

- Amanfrommars

- We will add your distinctiveness to our own

- R2D2

New digital curriculum draft softens CompSci emphasis

Mother Hubbard

>> As such, it has been welcomed by industry groups as one of the ways Australia can ensure the IT&T industry has a well-educated pool of people to employ, even if those people won't hit the jobs market until 2030.

Just in time to in-source again ..

TPG flashes cheeky 'down under' CAPTCHA

Mother Hubbard
Joke

Fast Forward

It's good to see Michael Veitch's arse still getting airplay in Australia. I was concerned that he'd forgotten his roots at Sunday Arts.

Ellison ditches own cloud keynote for billionaires' America's Cup boat race

Mother Hubbard
Pint

Larry, still teaching.

15 Ways to Tell Its Not Cloud Computing

http://redmonk.com/jgovernor/2008/03/13/15-ways-to-tell-its-not-cloud-computing/

+

If you know where the CEO is... it's not a cloud.

The NSA's hiring - and they want a CIVIL LIBERTIES officer

Mother Hubbard
Devil

> Perfect job opening for 3 wise monkeys

Indeed.

I'd settle for them hiring one replacement monkey, the next time Clapper's role is up: Shizaru, symbolising the principle of "do no evil" (depicted crossing his arms) .. assuming he has any power ..

'Occupy' affiliate claims Intel bakes SECRET 3G radio into vPro CPUs

Mother Hubbard

Re: Implausible, except for the demo

> Did you not understand this is about servers?

Can you find where "server" appears in the article?

The article is about vPro and Sandy Bridge, and the features questioned in the article ("No evidence is offered for the assertions detailed above") were features Intel - via Intel's director of distribution sales, North America, David Allen - advocated/promoted for vPro in Sandy Bridge as "market opportunities" in 2010 (so you can also ignore Popular Resistance forming in 2011): http://forums.theregister.co.uk/forum/1/2013/09/23/intel_stuns_world_with_wakeon3g/#c_1965254

Q.E.D.

Mother Hubbard

Re: Implausible, except for the demo

2nd Generation Intel® Core™ vPro™ Processor, Intel® Anti-Theft Technology 3.0

Uploaded on Mar 7, 2011 channelintel

http://www.youtube.com/watch?v=GBAo1vkFFGE

Intel demonstrates Intel® Anti-Theft Technology 3.0 on the 2nd Generation Intel® Core™ vPro™ processor. Learn more at http://newsroom.intel.com/docs/DOC-1903.

Mother Hubbard

Not so far to fetch

Intel’s Sandy Bridge will debut at CES

Published: December 14th, 2010

http://www.computerdealernews.com/news/intels-sandy-bridge-will-debut-at-ces/18660

[...]

With Intel anti-theft technology built into Sandy Bridge, Allen said users can set it up so that if their laptop gets lost or stolen, it can be shut down remotely. The microprocessor also comes with enhanced recovery and patching capabilities.

[...]

RSA: That NSA crypto-algorithm we put in our products? Stop using that

Mother Hubbard

And now for something completely different

Quoth the Reg >> Other tactics include attempting to persuade technology companies to insert backdoors in their products, including it is claimed Microsoft's Outlook.com, and running so-called man-in-the-middle attacks to hoover up the world's online chatter and transactions.

Meanwhile, 15 years ago ..

The long, strong arm of the NSA (July 27, 1998)

http://edition.cnn.com/TECH/computing/9807/27/security.idg/

[…]

It's gotten to the point where no vendor hip to the NSA's power will even start building products without checking in with Fort Meade first. This includes even that supposed ruler of the software universe, Microsoft Corp. "It's inevitable that you design products with specific [encryption] algorithms and key lengths in mind," said Ira Rubenstein, Microsoft attorney and a top lieutenant to Bill Gates. By his own account, Rubenstein acts as a "filter" between the NSA and Microsoft's design teams in Redmond, Wash. "Any time that you're developing a new product, you will be working closely with the NSA," he noted.

[…]

Clearly wary of granting the government supervision over its products, Microsoft has stubbornly refused to submit a data-recovery plan, even though the Redmond giant already includes a data-recovery feature in its Exchange Server. "The Exchange Server can only be used when this feature is present," Rubenstein said. "Because we haven't filed a product plan, it's harder for us to export this than for companies that have filed plans."

[…]

New attack bypasses virtually all AV protection

Mother Hubbard
Boffin

Welcome back, 1992

The Virus Writer's Handbook: The Complete Guide

(c) 1992 Terminator Z (AKA Harry McBungus)

http://vx.netlux.org/lib/static/vdat/tumisc09.htm

[...]

5.22 Disinfecting on-the-fly

[...]

These are the fundamentals of the stealth capability - when to disinfect. On all calls to open the file, add the name & handle to a "database" in free memory after the end of your virus. When it comes to close-time, simply scan your database for the handle and re-infect its corresponding file, and erase that entry from the database. How simple can it get? (See? It's a lot easier in theory than most people imagine!)

[...]

Google cloud told to encrypt itself

Mother Hubbard
Alert

amanfrommars

I think I've just found amanfrommars selling his washing machine;

http://www.trademe.co.nz/Browse/Listing.aspx?id=223309871

.. might explain why he's been quiet recently ..

Aussie Customs in presentational-aid crackdown

Mother Hubbard
IT Angle

Derv's arms

Whichever you are most comfortable with .. http://bellsouthpwp.net/j/o/jonfoote/dali/other/arms.html

Mother Hubbard
Happy

A strong constitution

I believe the American's have a constitutional right to bare frickin' lasers ...

IT Security: Podium place or first round shame?

Mother Hubbard
IT Angle

Life 101

AC, you've lost the security challenge before you've altered even a single binary digit in defense.

You see a difference between your "staff" and "irrelevant drones from other departments". I haven't seen a corporate activity that has been precluded from the outsourcing market-place -- right through to, and including, the CEO. We are all just corporate drones poised to become redundant to a cheaper alternative, but neigh one of us want to believe that.

"Real security", in relation to anything, comes from an environment of trust, respect, nurture and education. Justice keeps the peace. Integrity keeps the faith. You can take away a man's will to fight if you provide him with no enemy, and keep him content. And the reverse is true.

I disagree with Big Boomer as I am yet to see an enterprise that has been hardened to a degree that is commensurate with the effort required to pry and jimmy it for the market (street) value of its information assets. But that wasn't all of Boomer's point. He has authored a declaration - an affirmation that your aggravation will create (and therefore, is) your enemy, not halt him. And to that end, I agree with Mr Big.

Mother Hubbard
Heart

Re: Balance

Come on AC, you paint Boomer's point too clearly. Besides you're not offering any real security - the Big man would probably just boot ERD Tool, back-out those silly registry settings, create his own local administrator (for future quick fixes), delete those untrusted corporate issued signing certs, and change the rights on a couple of DLL files so that Group Policy was no longer a concern of his. If you were lucky he'd probably stop there, but after you took away his USB access he was delighted to come to the rescue of the local executive assistant pool and liberate their PC's (they were so pleased with him when they could load their favourite kitten-oriented screen savers, when they could load programs faster without that dreadful anti-whatever software, and when their machines no longer played patch-bingo each month).

Mother Hubbard
Paris Hilton

Re: Balance

Of course, the other way to secure user desktops is to remove the users, but you hippies aren't happy with that either.

Automated air-traffic network developed for robo-planes

Mother Hubbard
Jobs Halo

Lightweight, distributed and automated

Nice - a handful of guys on the dunes with backpacks and a couple of guys in dinghy's or wet-suits and you'd have yourself a cute little portable coastal defense system. A "return to sender" for UAV bombers, if you will.

I love the smell of trust models in the morning.

Archived Chinese scholar to sue Google and Yahoo! over search censorship

Mother Hubbard
IT Angle

@Stu Reeves

I believe I said "post the URL for that live list of clear information restrictions (restrictions by URL and reason, thanks)".

I know there are restrictions by country - an elderly relation of mine, in one western country, was put-out that she was not legally entitled to access web sites on assisted suicide. Those born of an age where information came through direct contact with something (people you knew, or paper produced locally for example) don't seem to understand the current impact of these restrictions that have always been in place - that books aren't imported, that news isn't published, that video footage is re-edited - let alone complex interplay such as press on Microsoft products in *MSN/MSN* news agencies; when you can access first hand reporting of sources these deficiencies become clear.

Let's see Google really clearly (and theres nothing more clear than transparent) show us those restrictions - take poster 1's method as a short-stop that doesn't divulge the filter explicitly, for example. Or try, say, http://[google-domain-of-your-choice]/filters/ for a list of filters in your current view (domain and geo-location), updated real-time with, say;

"http://*.stureeves.org/*", "US FBI Miscreant List"

"http://*/~MotherHubbard/*", "UK ElRej Bollocks Assessment 08-02"

.. for every user on earth.

Mother Hubbard
IT Angle

Do more evil ..

"They are a business. They are not obligated to you, me, or anyone else other than their owners and shareholders." - Chris C.

I didn't see in that article where it said he wasn't a shareholder (China even has its own *economy* now - it's true!)

Mind you for a company touting such an altruistic mission ("Google's mission is to organize the world's information and make it universally accessible and useful.", http://www.google.com/intl/en/corporate/index.html), then I'd say he has grounds on any of false advertising, corporate misconduct, or misleading the SEC; shareholder or otherwise.

"By being in China, we help people access more information, and when we do restrict information, we make clear that we've done so." - Gabriel Stricker.

I'd be mighty pleased if Gabriel Stricker would post the URL for that live list of clear information restrictions (restrictions by URL and reason, thanks). I'd want to know what my western government would like me not to see.

Automated crack for Windows Live captcha goes wild

Mother Hubbard
Black Helicopters

Use the Internet Luke ..

"The answer is correct as much as 35 per cent of the time. [...] It's also possible the spammers have found a new type of Captcha-cracking software."

How familiar does that sound?

"A team of Russian hackers has found a way to decipher a Yahoo CAPTCHA, thought to be one of the most difficult, with 35% accuracy. The Russian group's notice, posted by one "John Wane," is dated January 16. This site hosts a rapidshare link to what looks to be demonstration software for Windows" [http://it.slashdot.org/article.pl?sid=08/01/30/0037254]

The author called it ("Its discovery comes a few weeks after the release of proof-of-concept code that defeats a similar Captcha used by Yahoo! Mail."), as did the first poster, so why didn't Websense?

US Navy to test fire electric hypercannon

Mother Hubbard

Space version was conceived too

For those of you having the revolutionary and unique idea to put this thing into orbit (and there's some Newtonian physics that you guys are ignoring when you think of explosive projectiles in space), that was a Regan-era Star Wars brain-child version of this already - aka "Rods from Gods";

HOW DO THE RODS WORK? The system would likely be comprised of tandem satellites, one serving as a communications platform, the other carrying an indeterminate number of tungsten rods, each up to 20 feet in length and 1 foot in diameter. These rods, which could be dropped on a target with as little as 15 minutes notice, would enter the Earth's atmosphere at a speed of 36,000 feet per second--about as fast as a meteor. Upon impact, the rod would be capable of producing all the effects of an earth-penetrating nuclear weapon, without any of the radioactive fallout. This type of weapon relies on kinetic energy, rather than high-explosives, to generate destructive force (as do smart spears, another weapon system which would rely on tungsten rods, though not space-based).

http://www.globalsecurity.org/org/news/2005/050608-gods-rods.htm

French police plan Windows-free jails, offices

Mother Hubbard
Alert

Just in time!

"Geraud cited familiar reasons for the switch: diversifying suppliers, reducing costs and gaining control of the software."

Right, just in time to (big) house Steve Ballmer and Bill Gates after the findings of the next round of the European Commission investigation. I mean, the last thing you'd want is to have them locked up someplace where the local guvna can be bought with "cheap licenses" *cough*.gov.uk*cough*, so the French seem an obvious choice. And the second last thing you'd want is to find that your lock-up gear was nobbled by vendor or external government backdoors - if the boys were able to do a runner then it would appear that even the EU couldn't put a ball-n-chain to Microsoft.

(And who doesn't want to hear French chicks saying "ooh-bu'n-too le'nukz" between cigarette puffs?)

http://www.theregister.co.uk/2008/01/14/microsoft_hit_new_ec_probes/

http://en.wikipedia.org/wiki/NSAKEY

Spy satellite to slam Earthside

Mother Hubbard
Boffin

We are all made of SpySats, not Stars

Do searches, be afraid, you can measure the affects of previous satellite burn-ups in each and every one of us;

From; http://www.icsu-scope.org/downloadpubs/scope50/chapter02.html

"2.10 SNAP-9A RE-ENTRY

Satellite nuclear auxiliary power (or `SNAP') units utilize the decay heat of radionuclides to supply electrical energy for space satellite equipment. The re-entry of a navigational satellite containing such an isotopic power unit (known as SNAP 9A) occurred on 21 April 1964, over the Indian Ocean, after failure to attain orbital velocity. The heat of re-entry caused volatilization of the SNAP 9A device which contained 629 TBq of 238Pu. The deposition of around 95 per cent of the plutonium intially injected was estimated to have occurred by the end of 1970. The device's re-entry resulted in a 50 year dose commitment of approximately 0.36 Sv to the respiratory lymph nodes of the world's population due to exposure between 1961 and 1968 (Shleien et al., 1970)."

From; http://www.greenpeace.org/raw/content/international/press/reports/the-greenpeace-book-of-the-nuc.pdf

"1964, April 21: US Navy 5BN-3 Transit navigation satellite, carrying a SNAP 9-A RTG powered by 2.2 lb of plutonium-238, failed to achieve orbit and the RTG disintegrated in the atmosphere at an altitude of 50 km. It sprinkled radioactive particles of plutonium over a wide area of the southern hemisphere, a fact confirmed by soil samples taken from 65 sites around the world between October 1970 and January 1971. The 17,000 curies of plutonium-238 released by this one accident increased the total world environmental burden of plutonium, principally from atmospheric weapons tests, by about 4 per cent.

1968, May 18: following a launch failure, a US Nimbus B-1 weather satellite was aborted and its two SNAP-19A RTGs fell into the Santa Barbara Channel, off southern California. They were recovered intact after a five-month search.

1970, April 17: as part of the dramatic rescue of Apollo 13, the lunar module, carrying a SNAP-27 plutonium power supply, was jettisoned at 18,000 km over the South Pacific. It splashed down near the island of Tonga. It was never recovered but US officials claim that radiation levels in the area indicate that no plutonium has been released."

And that's just the (publicly acknowledged) American disasters. Oh yeah, cancer is a complete mystery .. where could it possibly be coming from ..

Since I first read about this I had assumed, despite the 2006 references, that this was the Spy Sat that was dumped in the wrong orbit; http://www.theregister.co.uk/2007/06/18/us_spy_sat_cockup/

'100% accurate' face recognition algorithm announced

Mother Hubbard
Thumb Up

RE: An easy way to upset the system

"Lets train it on this face:

http://channel9.msdn.com/Avatars/31672.jpg

Then see if it can still recognise it after a quick shave."

eh?

Oooooh, I see it now!

For a moment there I thought she was up-side-down.

Microsoft prints get-out-of-jail card for Vista Home

Mother Hubbard
Paris Hilton

@ Security Risk -v- Virtualisation Licensing

How hard do you guys hit the bong after work? Seriously, six months ago should not be hard to remember. Alright. Set the way-back machine to June 2007, you hippies, to when Microsoft did their first "flip-flop" on the EULA and "virtualization";

"When it announced licensing rules for Vista last year, Microsoft said that only Vista Business and Vista Ultimate could run as guest operating systems. The company said virtualization presents inherent security risks and that it hoped by limiting which versions of the OS could act as virtual machines, only sophisticated users and businesses would employ the tactic."

Microsoft flip-flops on Vista virtualization / Published on ZDNet News: Jun 20, 2007 1:25:00 AM (http://news.zdnet.com/2100-3513_22-6191787.html)

The security risk is really straight-forward; you can skirt around the Vista DRM novelty once you've virtualised the underlying infrastructure, because you can intercept the hyper-visor calls and virtual hardware interfaces in the Host system, outside of the control of all of those signed and encrypted drivers in the Guest system (i.e. at the virtual CPU, virtual RAM, virtual GPU or even easier at the virtual Screen and virtual Speaker [you know, the interface that HDMI was supposed to secure]). This is not a risk to you, it's a risk to Microsoft and its ambition as a media server in every living room - as explained in their (way, waaay-back) Vista Ultimate EULA from 2006;

"6. USE WITH VIRTUALIZATION TECHNOLOGIES. You may use the software installed on the licensed device within a virtual (or otherwise emulated) hardware system on the licensed device. If you do so, you may not play or access content or use applications protected by any Microsoft digital, information or enterprise rights management technology or other Microsoft rights management services or use BitLocker. We advise against playing or accessing content or using applications protected by other digital, information or enterprise rights management technology or other rights management services or using full volume disk drive encryption."

Surprises inside Microsoft Vista's EULA / Published Sunday 29th October 2006 23:32 GMT (http://www.theregister.co.uk/2006/10/29/microsoft_vista_eula_analysis/page2.html)

In lay terms, its okay for enterprises protecting billions of dollars with electronic security measures to virtualise using Vista, because that only hurts them. But if home-users were to virtualise using Vista, and then play a HDDVD or BluRay Disc with MediaPlayer, then that would be ... a security risk.

Pentagon in $75m electropulse blast-ray programme

Mother Hubbard
Joke

I can see it now ..

One of those "funny warning labels" lists in 2030, includes a photo of the label under the 200 foot long airplane-dropping ray-gun that reads "Aim away from face, and cover genitals".

Tesla would be proud. Maybe the FBI will bid on it - don't they still have his many trunks of documentation (outside of the handful that were released back to the family/trust)?

Developer heads are in the cloud, Andreessen says

Mother Hubbard
Boffin

Cloud OS spin

This song is being played to death (I'm sure amanfrommars would agree);

http://www.theregister.co.uk/2007/07/13/ballmer_services_partners/comments/#c_34072

I'm still waiting to hear about how great that new "cloud" security architecture is going to be (presumably from the same people who brought us "Web 2.0 - client-side validation vulnerability bonanza").

Online crime gangs embrace open source ethos

Mother Hubbard
Pirate

FOSS or BAU?

>> Over the next two years, a program with the same name and containing identical source code turned up on boards in China, Guatemala, Russia and Argentina and then again in China. As the program moved, it gained new capabilities, including support for Spanish and Chinese languages.

Right, like Vista ..

>> windows vista ultimate lite edition its damn good version contain all vista extras and very speed version u gotta try it ..tested by me fixed the home premium reales i done

http://thepiratebay.org/tor/3663694/Windows_Vista_Ultimate_lite_Edition

.. like the iPhone ..

>> This week homebrew hackers at the #iPhone IRC channel have enabled Apache, Python and other Open Source apps for the iPhone so you can a web server in your pocket.

http://uneasysilence.com/archive/2007/07/11547/

.. like the Madonna "What the Fuck" P2P MP3 ..

>> This album was triggered by a small sound byte of speech left by Madonna as a decoy to frustrate users sharing her songs via Peer-to-peer (P2P) networks on the internet. Any holes a goal in this riotous wondrous fairy tale journey through 14.5 tracks of deep anal hilarity.

http://www.archive.org/details/wtf_mrp_mp3

.. like etc ad nausea.

FBI to get UK biometric database hookup?

Mother Hubbard
Coat

On the Individuality of Fingerprints, 2001.

From; "On the Individuality of Fingerprints", 2001.

http://biometrics.cse.msu.edu/Publications/Fingerprint/PankantiPrabhakarJain_FpIndividuality_PAMI02.pdf

Our results show that (i) contrary to the popular belief, fingerprint matching is not infallible and leads to some false associations, (ii) while there is an overwhelming amount of discriminatory information present in the fingerprints, the strength of the evidence degrades drastically with noise in the sensed fingerprint images, (iii) the performance of the state-of-the-art automatic fingerprint matchers is not even close to the theoretical limit, and (iv) because automatic fingerprint verification systems use only a part of the discriminatory information present in the fingerprints, it may desirable to explore additional complementary representations of fingerprints for automatic matching.

Meanwhile, at Scottland Yard: "Allo allo allo - The computa' says we can nick 17 people across 4 continents for the John Doe print off that SIM card, guv!" "Blighty! .. get your coat PC Williams .. and tell Miss Jenkins to get a pot on for when we're back next Tuesday .."

Mother Hubbard
Dead Vulture

Statistical fallibility ..

Out of this entire debate, why is no-one questioning the statistical fallibilty of millions of biological-based samples - particularly fingerprints? Even El Reg challenged this in 2004, based on a US DoJ study and New Scientist comments; http://www.theregister.co.uk/2004/04/06/identity/

This isn't just two people with the same name - this is two people with the same fingerprint (something that is not deemed as legally challengable).

As for SkyNet; Look, we all know that the "Server in the Sky" label is the "official" line produced by the Auditor General when investigating the .gov.uk CD "losses". You know; "But daddy, where did the CD's go?" "Well, son, as is the cycle of life - when a CD has had his day, he goes to the big server in the sky .."

Like Elvis, the CD's aren't "gone", they've just .. "moved on" .. its easier that way.

UK gov sets rules for hacker tool ban

Mother Hubbard
Boffin

Re: There is nothing newly restrictive in this

The good news is, Keith, that your subject is right .

There's no border more porous than the Internet - so netcat et al are all just an FTP, HTTP, SCP, NNTP (uuencode, etc), Rsync, SMTP, etc, (or even an NSTX, ICMP payload, etc) away from a usable state. Assuming you want a binary copy, of course.

What's particularly disappointing about your argument is that you seem to ignore the fact that the UK is already a "participating state" to the Wassenaar Arrangement [http://www.wassenaar.org/introduction/index.html] which provides international guidance on export controls for munitions, including dual use goods, and including computer technology and software (particularly "information security" per chapter 5, part 2); surely a superb guide for those participating states seeking to draft domestic policy on the topic. I could, however, understand your omission given that even the regulatory framework for international munitions admits;

Controls do not apply to "technology" "in the public domain", to "basic scientific research" or to the minimum necessary information for patent applications. [WA-LIST (07) 2 Corr. 6-12-2007; GENERAL TECHNOLOGY NOTE]

The Lists do not control "software" which is either: [...] or 2. "In the public domain". [WA-LIST (07) 2 Corr. 6-12-2007; GENERAL SOFTWARE NOTE]

Where the following definitions are key;

"Basic scientific research" - Experimental or theoretical work undertaken principally to acquire new knowledge of the fundamental principles of phenomena or observable facts, not primarily directed towards a specific practical aim or objective. [WA-LIST (07) 2 Corr. 6-12-2007; DEFINITIONS]

"In the public domain" - This means "technology" or "software" which has been made available without restrictions upon its further dissemination. Note Copyright restrictions do not remove "technology" or "software" from being "in the public domain". [WA-LIST (07) 2 Corr. 6-12-2007; DEFINITIONS]

This would seem to be a far more pragmatic condition-set to be considered against the "article" of software, particularly before the "likelihood" of misuse or intent to misuse was tested against a given defendant.

As for your further consideration;

>> As for the comment that there is really nothing wrong with breaking into and exploring other people's networks provided there is no malicious intent: The failure to recognize this attitude as a criminal attitude is another part of what needs to change.

Given your predisposition to aligning computer concepts to UK law, I'd be interested to know why you wouldn't want hackers to be able to replace a given system MOTD message with a Section 6 statement (as in Section 6 of the Criminal Law Act 1977, as amended by Criminal Justice and Public Order Act 1994) in order to legally validate a computer version of Squatting.

This would, in-turn, validate adverse possession of a computer system. As such, after 10 years of possession, a hacker must apply to a Computer Registry (the Internet already has the NIC structure in place) to have their title recognised as the owner in fee simple. The original owner of the computer system will receive notification from the Registry and will be able to defeat the application by simple objection.

Though this may not agree with your "buffet meal" argument.

Kid's 'new' MP3 player was preloaded with smut

Mother Hubbard
Boffin

Re: Atrocious

>> Goodness knows we can't have anyone under the age of forty viewing exactly how Mommy and Daddy started the chain of events ending up with you ;)

I had no idea you were the bastard son of a heavily tattoo'd midget, a shetland pony and a wild woodland woman who can lift bricks with her mudflaps.

The Electric Car Conspiracy ... that never was

Mother Hubbard
Boffin

You've all missed the point .. er .. points ..

For starters, this is a marketing problem; when was the last time you saw Arnold Schwartznsomethingorother (aka: "Dutch") in the south American jungle, smokin' a big-arse cuban cigar and heaving orders out to his crew from the driver's side of a two-door electric vehicle? It just isn't cricket.

Then there is just big arses; the average American has two chins, four stomachs and three arses - roughly the equivalent of two middle-aged Parisians with a full set of matching holiday luggage, all squeezed snugly into a brand-name jogging outfit. There's a reason these people buy SUVs, and *is* because they're all-American. No Texan wants to drive with a gear-shift in their jixy.

To top it all off; until the US knock-off a decent Jeremy Clarkson clone, then they'll never understand the essence of *selling* a car. Lets face it, the American version of a "channel" is equivalent to the European process for making Foie Gras, and until they get a genuine geezer into the selling process, the consumer will be forever condemned to buy on cabin features and paint colour, or the sheer glossyness of the brochure.

Police launch hunt for bogus bobbies

Mother Hubbard
Alien

New MS Data Center ..?

I think an industry insider would be a more likely recipient of these goods. So, who, in the industry, would need a whole lot of enterprise-class and Data-Center-ready hardware?

http://www.theregister.co.uk/2007/11/09/microsoft_mega_data_center/

And, as BillG said just before he "bought out" CompuGlobalHyperMegaNet;

"Oh, I didn't get rich by writing a lot of checks!"

Or maybe when these people get their insurance money, and buy their new hardware, they'll be forced into MS Server 2008 .. which will drive them to Vista desktops .. a lure to drag up new OS sales through hardware acquisition, by shortening the hardware lifecycle?

I know MS are involved here somewhere ... its cunning plan .. Baldrick-cunning ..

Phone phreaks spoof LSD-induced multiple homicide

Mother Hubbard

VoIP should be a boon then

With imperical evidence available it remains difficult to fathom why Voice over IP security is poo-poo'd by tech vendors and OEMs (it was difficult to fathom before the evidence). I can only assume that the need for interception still outweights the need for integrity.

Two US computer engineers charged with espionage

Mother Hubbard

What the?

And here I thought the US stood for free trade and market forces?

Dell grabs ex-Sun comms chief

Mother Hubbard

ROFL

<quote> Lark is a bogging specialist and should fit right in with Dell's marketing plans.</quote>

I'm glad I'm not the only one who think's Dell is crap! lol

Microsoft awaits European Court decision

Mother Hubbard

Archeology

<quote>What is REALLY worrying is that Microsoft claim to have spent many thousands of man hours creating this documentation - which tells me one thing, that they didn't have it documented at all !</quote>

Actually, Microsoft have already declared that they don't know how their protocols work (ROFL);

Newsmaker: Microsoft exec takes on services, Google (Published: June 15, 2006, 4:00 AM PDT) -- http://news.com.com/Microsoft+exec+takes+on+services%2C+Google/2008-1010_3-6083894.html

[...]

Let's talk a bit about your responsibility for technical documentation related to the U.S. Department of Justice consent decree. Is the documentation up to snuff now?

Muglia: We were confused about this, and frankly everybody was confused about this...The feedback was clear from the government agencies and others that we had to rethink this. When we went in and took a look, we realized that we thought of this as doing documentation and we put people who are quite qualified at doing technical documentation on the job. But it ain't that. It's an engineering project. It's especially an engineering job because it isn't a core part of our development process yet. It will become part of the core process moving forward.

But the first piece of work that needs to be done is an archeology project to go through the protocols that are in the system, some of which date back 15-plus years, many of which (were written) by engineers that are no longer with the company, and we've had to pull quite a few of our key engineers onto this and they're working to get standardized formats in place and all of the basics. We're making really good progress on it and we are working as hard as is humanly possible and we'll be doing that for a bit of time now.

[...]

Mother Hubbard

@ Stuart @ Craig

Stuart, your analogy could only have better if you mentioned that your landlord also owned 93.6% of all apartments world-wide.

As for Craig, this might seem alien, but the world doesn't exist to create a better Microsoft.

Free software campaigners stonewalled at BBC

Mother Hubbard

Microsoft will be jealous of the turn-out

20 people turned up at the BBC to protest in the rain, and you think that's a shite turn-out? Microsoft had less than that turn up to their Vista launch in Sydney and that was covered, air-conditioned, catered and included free software that was autographed by Bill Gates!

ATI driver flaw exposes Vista kernel

Mother Hubbard

@RTFM

So, Microsoft "certifies" binary code that will run with elevated privileges on 90% of desktop computer systems, and that means users shouldn't trust it, right? Speaking of "due-freaking-dilligence" - it is absolutely Microsoft's fault that code with their explicit trust applied, that wasn't audited, was vulnerable.

Pentagon chief: no more oil for blood, man

Mother Hubbard

On the shrooms

Looks like NickJ and Merkin are on the same shrooms as amanfromMars ...

Social networks to replace imagination and be woven into clothes

Mother Hubbard

Virtually living

I've checked with my bank - my real house isn't even virtually mine. A virtual two bedder at this stage seems much more "where the market is right now" .. eonomically speaking.

Second Life will dwarf the web in ten years

Mother Hubbard

VRML and competition

Like Lexx and Adrian, I recall the VRML "good-ol-days" - as two SysAdmin's my friend and I coded a VRML2 version of our Data Centre (including every modem and keyboard) in the hopes of VRML3 arriving and allowing us to integrate management functions (the VRML roadmap was very clear - but the timeline wasn't). However, I'm not so idolising or idealising as to forget the tremendous browser crashing episodes that would come with using the technology.

These were also the days where the Doom source code had been used to create a proof-of-concept that made the host OS Process IDs (PIDs) monsters that could be "shot" to be "killed". We were so close ..

Of course the problem, since, has been the death of Netscape. Netscape was driving VRML adoption via the browser (through its common plugins) which resulted in the ever "innovative" Microsoft to copy them to keep up .. and well .. we've seen what's happened since (the US Department of Justice has a file detailling the history if you're not up to speed). No more VRML on the web.

Though in the mean time the OpenGL (Sillicon Graphics') standard has done what was needed and what it was designed to do; despite DirectX, there's been massive OpenGL integration out of Software and directly into the video Hardware; so times have definitely changed.

I can easily see how selling massive processing power for 3D worlds will fuel Sun, IBM, Fujitsu, Cisco, Intel, AMD, etc ad nausea - take a look at the changes in the media industry as a recent example, the web as an older one, or VoIP as a communications parallel. Every player will get fatter .. and the US government will be ready for the taxation as the US intelligence will be ready for the bugging as the US millitary will be ready for the pacifying.

Microsoft, amongst many others, have constantly kept 3D-world type projects on their research lists .. they know it will be an area that they'll need to productise very quickly - one day - when the game starts; like surface computing, integrated media platforms, cross-platform binary software, web browsing, WYSIWYG word processing, GUIs or Operating Systems (to name a few).

However, it will take one big player (Google, for example) - or a "culty" upstart with a keen eye and sweet business model (like models from the mind of Trent Reznor) to throw the big switch and get the 3D game started. It aint Linden. Linden has an image problem, in that Linden can't stop admiring Linden in the mirror. At the technology level - his world is closed and clunky.

The winner will be the player who makes entry and adoption free - and who provides the tools to allow every business, kid and other goth freak able to add their distinctiveness to his own -- just like the web. You don't win without the ecosystem, and you don't get the ecosystem with a strict protocol (at any level - even at the enterprise integration level - you won't get Sovreign trust until portions can be hosted independently on multiple continents, and the US won't even do that with DNS).

They'll be turbulent times before the winner emerges, and after that there will be a great time of peace followed by a massive time of tribulation - see CyberPunk, Ghost in the Shell, The Matrix, etc ad nausea (if you think Hacking has impact now - when sites go down and pages get defaced - you wait until you interact with Hacked rooms, Hacked people and then the future beyond - ala Richard Clarke - when your mind is on the wire .. lol .. our kids are in for one hell of a ride ..)

http://www.informationweek.com/security/showArticle.jhtml?articleID=201202380

Page: