Posts by DerekCurrie

Too Late

"We assume by "voluntary cooperation," the President is willing to be told to get lost by the tech giants in November – if they have the strength to do so."

That's over. Google and Apple, and I expect other companies, have already proven their strength to 'Just Say No' when the government demands the impossible, decrypting the encrypted without the keys to do so.

Then add in the fact that anyone can access and use publicly available unbreakable encryption for their files. Unless those encrypted files have a worthless password or someone discovers the keys, they're staying encrypted.

Meanwhile, no doubt the government will continue to use and create new methods of intercepting information before its encrypted or after it's decrypted by an intended receiver.

Let's just hope the US government figures out that they are required to abide by The Fourth Amendment to the US Constitution whether they like it or not. Any evidence collected outside of the mandates of the Fourth Amendment will be judged worthless and thrown out of court, as is currently being proven daily. IOW: Follow the law or your case is sunk. No '1984' scenario is welcome here. Deal with it.

Yeah, I noticed The Register is in Apple Hate Mode

In this case: Darn! iPhone 6S still has stunning battery life.

Actually, I'm writing this comment just to point out that we Apple fanatics do more than 'go bonkers' hating you back. Sometimes we just *YAWN* at you.

It's a shame that I find The Register to be a great place to pick up computer security news. But I have to dig around for it amidst a sinking load of old cobblers. Phew.

THANK YOU APPLE!

[Insert Fourth Amendment to the US Constitution HERE]

Now Apple, how about turning the OS X firewall ON by default? And how about entirely REMOVING 'Open "safe" files after downloading' from Safari? And how about swift, immediate, ASAP patching of security vulnerabilities in OS X and iOS? All of these would be equally helpful to your customers.

And to FBI director James Comey: We The People rule the USA, NOT any government. We The People run our government. The government serves the people and its wishes. The government does not run the people, despite their wishes. No '1984' scenario is welcome in my country. You've already proven, dear government, that you cannot be trusted. Therefore, deal with the consequences of your deceit.

This is Snowden's Fault NOT

It's ridiculous to put anything on Snowden regarding the aftermath of his revelations, isn't it! Poke fingers at the CAUSE of all this hell: #OurStupidGovernments. Wishing we could stick our heads back in the sand, wishing patriot Snowden had never taken down The Surveillance Curtain, is foolish.

Can we move along now with our response to these profound attacks on our citizen privacy?

The Dark Age Of Computing Continues Apace

Exactly: Almost nobody cares. Technology requires comprehension, which is too difficult for execuTards. Therefore, stupid reigns. And You Can't Stop Stupid.

This is CLASSIC technology project management HELL. The only way to get things done correctly, very sad to say, is to go TYPE A on everyone and become a Napoleon. That works great in the short term, as long as Napoleon knows exactly what he's talking about AND has people around him who know all the critical details he couldn't possibly keep in his single sized human brain.

Again world: Technology requires COMPREHENSION. You can't skim through it and survive. You will be metaphorically killed if you go slacker on the job. PAY the experts for their expertise and FOLLOW their expertise to that finish line called SUCCESS.

Again, for the uninitiated, The Problem Solving Protocol:

1) IDENTIFY the problem.

2) CREATE a solution.

3) ENACT the solution.

4) VERIFY the solution worked.

- AND - My own addition -

5) Keep the marketing people OUT of The Problem Solving Protocol, except as sources of marketing information and advice. NEVER allow them to be in decision positions. If you do, you're gonna have a bad time and so are your customers. Marketing-As-Management is a prime business project KILLER.

Are you reading me Samsung, Sony, Microsoft, News Corp, Comcast, Google, Oracle, Qualcomm, General Electric...?

I know Apple understands, another reason why I <3 Apple.

Entirely PREDICTABLE!

We knew the IoT was a security leak infested mess over a year ago. SURPRISE! The IoT really really really is a mess of security holes.

NOT ready for prime time. Shame on you Samsung and all the other upcoming IoT security hole vendors yet to be revealed. You made the IoT dangerous. Good gawd, how predictable. (o_0)

Déjà vu much?

The usual human lesson: Act like a sheep and you're dinner. Act like a wolf, and the attacking wolves will back down. (o_0)

The US Patent and Trademark Office (USPTO) IS THE PROBLEM!

I'd personally like the The US Patent and Trademark Office (USPTO) to be KILLED OFF and started again entirely from scratch. The US Patent and Trademark Office (USPTO) is INCOMPETENT, SLOW, UNDER-STAFFED and UNDER-FUNDED. They are A DETRIMENT TO THE USA and THE WORLD.

Kill The US Patent and Trademark Office (USPTO).

How is it that NOW, after all this debacle, the USPTO gets around to figuring out there's prior art regarding a patent THEY approved? To hell with this worthless agency. START AGAIN and DO IT RIGHT THIS TIME.

There's nothing 'smartie' about using Android anything these days

Google has allowed Android to become a catastrophic mess of bad security. At the moment, Android users are literally guaranteed to be attacked via, now 7 (SEVEN), Stagefright attacks on their Android devices. EVERY version of Android since 2010 is affected. It is strongly suspected that there will be MORE Stagefright exploits discovered as the weeks go by. Meanwhile, Google isn't going to even pretend to offer solutions until September. That's outrageous.

Get off the Android folks. It's bad for you. That's not a challenge or an invitation to argue. It's a fact.

Marketing-As-Management Strikes Again

Allowing people with marketing personalities to manage anything is akin to a deathwish. What was described from the NYT article sound precisely like Marketing-As-Management. It has killed or decimated many companies. I had to live through it at Eastman Kodak. The end result is obvious. Apple went through a Marketing-As-Management period, culminating in $1 Billion worth of Mac Performa computers rotting in warehouses because no one wanted them. It brought Apple to its knees.

People with actual, natural LEADERSHIP skills are required for management. Perhaps Mr. Bezos should consider not just the hiring people who are tech savvy, but people who actually understand now to work with and manage other people. Such people are ALSO gravely in short supply, sad to say.

Not Acceptable

Lenovo is already on the skids. What a great way to hammer home the idea of ignoring them next time buying a new PC is under consideration.

Way To Go LenovO! Just dive on into that grave.

Enabling mass surveillance is blatantly unconstitutional.

"Children are being raped, citizens murdered, and lost souls trafficked for sex and the police can't do anything about it thanks to..."

...The TPP treaty. Right? No?

Oh, its the TOTALITARIANS back at it again, destroying The Fourth Amendment to the US Constitution.

This issue actually has NOTHING AT ALL to do with companies like Apple and Google who very kindly respond to their customer's wishes and offer (somewhat) iron clad services to protect customer privacy. IOW, #MyStupidGovernment is going about this issue in the WRONG WAY. The Fourth Amendment is specific about serving warrants to INDIVIDUALS who are suspected of crime. Blanket surveillance of any US citizen communicating on US soil is blatantly ILLEGAL. But the FUD mongering surveillance totalitarians find that's far too much work. It's better to surveil ALL of us ALL THE TIME and have us 'trust' them to honor and respect out privacy. Except, they've already proven their traitorous attitude toward our constitutional right to privacy.

Therefore: BZZZT! Wrong US surveillance hounds! You've destroyed any trust we'll ever have in you. Handing blanket surveillance tools to you folks is not going to happen. So please cut the FUD foisting and get back to doing everything constitutionally, ONE suspect at a time. Leave mass surveillance via the business world out of it.

[Sorry to do the 'shout' caps, but I know of no way to do italics or bolding here at ®.]

35 CVEs patched in Adobe Flash and AIR

"Adobe has posted an update to fix 34 CVE-listed vulnerabilities in Flash Player."

Nope. 35 CVEs. I counted twice, just to be sure. Only two of them currently have descriptions up on Mitre.org. But Adobe provides a list of general problems and associated CVEs in their new Flash/AIR security bulletin:

https://helpx.adobe.com/security/products/flash-player/apsb15-19.html

Uconnect Uconnect Uconnect

Homework Hints:

http://www.driveuconnect.com

https://www.driveuconnect.com/software-update/

http://www.autoblog.com/2015/07/25/how-to-update-secure-vulnerable-chrysler-uconnect-video/

IOW: Uconnect is specifically what has been implicated in this latest IoT security mess.

Big Sister

This issue is NOT about companies that offer encryption. It is entirely about US citizens who chose in and of themselves to use privacy tools, such as encryption. It's all about US citizens applying their rights provided in the Fourth Amendment to the US Constitution.

The end.

Pestering third parties to spy on US citizens on US soil without an actual legal warrant as specified by the US Constitution is, simply, unconstitutional. And NO, blanket FISA court warrants are NOT constitutional no matter which way you contort the subject.

Non-US citizens: They're entirely fair game. Communication of US citizens outside of the USA: That's entirely fair game.

Question: Why is the world of humans in general desperately bent on playing out the '1984' scenario? Is it out of laziness on law enforcement's part. Obviously, that's a factor. It's harder to follow the law themselves. But there's also the constant question of whether citizens or their elected government actually runs any single country. The actual answer is that the CITIZENS run everything and the government is merely a representative servant. Nonetheless, there are obviously some people, who think somewhere within the psychopathic scale, who want flip it all upside down and make the government to rule the people. That can only be done in this day and age via massive citizen surveillance, aka TOTALITARIANISM. No to that! Sorry Big Sister.

So Apple. Are you ready to Get Out Of China yet?

I've been ranting at Apple to Get Out Of China for several years. Sadly, the current methods of doing 'business' in the world require dirt cheap labor with the best possible quality of workers. That apparently means Chinese labor. *sigh*

At least Apple demonstrates caring about their contracted cheap labor. It sure would be nice, by golly, if the insistent FUD Mongerers at The Register would pick on the many other companies that also hire Foxconn. But as we know, the price of fame is FUD. Kick 'em when they're up. Kick 'em when they're down. Nothing new for Apple.

Meanwhile, the business incentive for cheap labor continues unabated.

Yosemite: Also yuck, in its own special way

"And the quality of Apple’s platform has fallen to abysmal levels recently – Yosemite is buggy and inefficient, and forces me to work in ways I don’t want to work."

As an Apple fanatic and beta tester of OS X 10.10 Yosemite, I entirely AGREE! It's the first version of OS X I ever SKIPPED. I don't use it. The beta of 10.11 El Capitan is a bit more sane and enjoyable. I actually use it. So all is not lost.

And yes, I warned Apple about Yosemite's problem many times. Apparently, they didn't care. That really was a new low for Apple. But now they're appearing to perk up, having figured out just how much Yosemite is hated by the cognoscenti. :-P

So Pentagon: Is it because you need more money?

Hell no. What you need is to catch up with the 21st century and take computer security seriously. Why, with all your military industrial complex money-out-the-ears can't you keep your computer systems secure, encrypted (See! Encryption is good!) and out of the hacking tentacles of the rest of the world? It's not because you're entirely stupid. But when it comes to computer technology, part of your organization just failed the Computer Literacy Test for the modern era. #MyStupidGovernment continues to be a mantra in the USA, certainly from me.

If GE make it...

... From at least my experience with GE products... It will be a ripoff and break immediately after the warranty runs out. And if you're looking for security, start snickering now. Or so say I.

FREE SPEECH CRIMES!

And we thought '1984' was only for fascists.

Totalitarianism is a universal crime against humanity, no matter the political bent.

The Plug Is Already On The Floor

Someone believes Windows RT has any future? They're not paying attention.

If Apple's Obsessive Compulsive Security Mandates Pay Off...

.. Then Apple will effectively RULE the Internet of Things. So far, the security in IOT devices has been almost utter crap, making the venture dangerous and detrimental. Bravo if Apple can pull this off! Grin and bear it through the bleeding edge everyone. (^_^)

Wait. What? Use security code from the NSA? No way!

Don't we learn from the past? The NSA has deliberately and consistently dumped compromised and back-doored code on its victims. We want more of the same? I don't think so.

Report: NSA paid RSA to make flawed crypto algorithm the default

The NSA apparently paid RSA $10M to use Dual EC random number generator.

http://arstechnica.com/security/2013/12/report-nsa-paid-rsa-to-make-flawed-crypto-algorithm-the-default/

How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last

"Equation Group" ran the most advanced hacking operation ever uncovered.

http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/

Boondoggle

http://www.merriam-webster.com/dictionary/boondoggle

"A wasteful or impractical project or activity often involving graft"

http://www.urbandictionary.com/define.php?term=Boondoggle&defid=524749

1.- An unnecessary or wasteful project or activity.

2.- A hopeless Case

3.- Some sort of deformed toy made from parts of other different toys

Encryption Expert Required

Inquire OPM, US federal government

But so sad for the rest of the ocean

Coral bleaching. Decades old. The first blatant sign that we humans had ruined the oceans. But it couldn't be our fault! It must be el niño events of overheating the oceans. Oh darn, we forgot to measure the pH as well as temperature. Darn, we've acidified the oceans so incredibly badly that coral can no longer survive. It can't fix calcium carbonate out of the water any longer. We forgot all about that chemical equilibrium between CO2 and carbonic acid.

Oh and then there's that swirling sea of plastic waste building up in the Pacific. We humans really are such selfish slobs.

Sorry optimistic scientists, but nice as the phytoplankton may have it in the future, we've already devastated vast ocean environments and ecologies. Feeling all good about the phytoplankton negates nothing regarding what we've already ruined of the ocean's future, with more selfish slobbiness to come...

The Opposite Of Sensible Or Fair

"Chicago residents who prefer to download their music rather than stream it, on the other hand, are in luck: the change to the tax law doesn't apply to them."

Resulting Incentive: Torrent media downloads and avoid the tax. IOW: Crime. How Chicago of Chicago.

Obviously, this breaks real Net Neutrality as well.

Prototype, Prototype, Prototype

Maybe the problem here is that Google has never bothered to go beyond their initial prototype. Is this ugly little 'self-driving car' merely a hype machine for Google. I say YES.

Look elsewhere for real self-driving cars.

China has been hacking the US federal government since 1998...

... And NOW #MyStupidGovernment figures out this is a crisis.

(O_o) (o_O) -- "Uh, I think maybe this is bad"

Dear Google: How about protecting batteries AND security at the same time!

Dump Adobe Flash. That would solve a whopping huge source of battery drain AND remove one of the two worse sources of malware on the Internet.

Banning Oracle's Java from Chromium would be the other great security idea.

Google, if you're REALLY serious about security, you know what to do. If you're not, it's status quo.

There's no such thing as an adequate Bluetooth speaker

I expect Apple is working on a simple, reliable wireless speaker that does NOT use lousy old Bluetooth. There is no such thing as an adequate Bluetooth speaker, specifically because the bandwidth is inadequate to provide the full spectrum of human audible sound AND the working distance from speaker to source is idiotically small. Would that Bluetooth had been better designed from the start. Meanwhile, we're on rev 4 and its still primitive.

WiFi speakers! There we go.

Best Wishes for Music, but...

...Why did Apple have to subject us to one of the most messed up presentations EVER in order to announce it?! Awful. Only The Weekend's performance at the end saved it.

That's One Down...

...The rest of TWC's executive staff to go.

TWC has the worst customer relations in the cable service business. This self-destructive behavior requires, IMHO, that their entire corporate culture be halted and reoriented to both serving their customers and treating their customer base as collaborators, not enemies worthy of abuse and deceit.

Symantec Stumbling?

ExCeLLenT! That hateful, FUD and crudware mongering company can't be buried in the potter's grave of history fast enough.

OS X & iOS Really?

I like Richard Stallman's insight and contribution to the conversation. But I'd like some documentation to accompany his charges that "MacOS snoops and shackles; iOS snoops, shackles, censors apps and has a backdoor."

Seeing as the majority of OS X is open source and capable of running a great many open source programs, he's speaking at cross purposes. I certainly agree that there's contention about Apple's vetting and filtering of many applications and the capabilities of those applications. I personally avoid downloading a Mac App Store version of an application if I can get it directly from the developer.

As for iOS and Mac snooping, huh? Not if you turn off feedback to Apple. An iOS backdoor? Not in recent versions.

As for calling iOS and Mac 'malware', what specific maladies do they induce into a computer? Considering the overall problem of bad memory management across the entire computer software spectrum, how about we give up on all of it and start again with a new programming language that never allows buffer overruns, ad nauseam? Call it anti-malware.

As for 'The Internet of Things', it has indeed turned out to be The Internet of Malware, one big botnet in the making. World PWNage. It you can't make your 'things' secure, then keep them OFF the net please.

Marketing-As-Management Is A Great Way To Kill A Company

There is a fundamental personality clash within business that, if allowed to fester, will destroy a company. It's the Producer personality, as found in IT, versus the Relator personality, as found in marketing. Never mix the two or you'll discover trouble.

IT Producer personalities find the Relator marketing folks to be annoying and out of touch with their version of 'reality'. They'd just as soon not have to deal with them, but they grudgingly will.

However, Relator marketing personalities will not tolerate IT Producer personalities whatsoever and will go out of their way to UNDERMINE them and destroy their work as well as the people themselves. If Relator marketing personalities are put in charge of a company, the creativity and innovation will rapidly come to a screeching halt. The IT Producer personalities will become demoralized, justifiably paranoid and will QUIT the company in order to retain a semblance of personal sanity. I've been there, done that, left the company.

Great examples:

Apple Inc. after Sculley took over. Notice how he alienated Producer personality Steve Jobs and inspired him to quit Apple. Notice how Apple immediately got back on course when their Marketing-As-Management was tossed out and Steve Jobs returned.

I personally watched this happen at Eastman Kodak. Not pretty. It drove me nuts while I was there. Kodak never recovered. Instead they went to pieces.

The same thing is happening at Sony right now. They have a Marketing-As-Management CEO and the prospects are dire.

Summary: Keep marketing folks doing marketing. If they move up into company management, run for your life. Sell your stock. Find an entrepreneurial company for a new and better job.

Again: It takes 10x lower IT resources to maintain and manage Macs

Again: It has been a constant in the IT business that it takes 10x lower IT resources to maintain and manage Macs relative to Windows boxes. And yet dealing with Macs arriving in the workplace "is a time sink the IT department just doesn't need." Rubbish.

The only reason Macs are any problem to IT staff is that:

1) Macs are unfamiliar to them.

2) They're too staid and lazy to bother learning Mac technology.

3) They're afraid for their jobs, seeing as it takes 10x lower IT resources to maintain and manage Macs.

Get over it. Windows box market share is being replaced with Mac market share. And that's a GREAT thing.

It takes 10x lower IT resources to maintain and manage Macs

It has been a constant in the IT business that it takes 10x lower IT resources to maintain and manage Macs relative to Windows boxes. And yet dealing with Macs arriving in the workplace "is a time sink the IT department just doesn't need." Rubbish.

The only reason Macs are any problem to IT staff is that:

1) Macs are unfamiliar to them.

2) They're too staid and lazy to bother learning Mac technology.

3) They're afraid for their jobs, seeing as it takes 10x lower IT resources to maintain and manage Macs.

Get over it. Windows box market share is being replaced with Mac market share. And that's a GREAT thing.

There is a group of SEVERAL reasons...

...why we humans are managing to kill off the honeybees, our symbiotic friends upon whom we rely for our agriculture.

1) Maniacal use of several different applied pesticides, including neonicotinoids and glyphosates.

2) The Israeli bee virus, consistently and stupidly being imported by way of Australian bees used for industrial pollination.

3) Incredibly poor treatment of bees by the pollination industry, including literal starvation of nutrients during winter months. No, they don't live only on sugar, you dolts.

4) GMO plants with integrated pesticides. That was foolish!

5) Bee mites, a long standing problem we've barely attempted to solve.

6) Local fungi that infect bees and compromise their health.

. . .

IOW: As long as we keep thinking there is ONE cause of the massive Apis mellifera die off, we will FAIL to stop this CATASTROPHE of human survival proportions. We have to grow up and learn to understand how nature works and how it doesn't work when we blunderingly interfere, our sad status quo. Then we can begin to work WITH nature to stop and prevent these catastrophes. Let's get to it!

Disgusting

Insipid

Like it or not: End to end encryption is the future

Silly NSA. Silly lawyers.

No Holography In Evidence. It's More Of The Old 'Pepper's Ghost'.

In keeping with our ever increasingly annoying era of Bad Science, there is no holography in the HoloLens. Some marketing dweebs grabbed the term, abused it and glued it onto something tangentially related to actual holography. Here is some reading:

http://en.wikipedia.org/wiki/Pepper's_ghost

http://en.wikipedia.org/wiki/Holography

Shame on today's profusion of bad marketing. I'm reminded of enhanced 3G mobile phone technology being marketed as '4G' when in fact it is nearly impossible to find actual 4G technology anywhere in the world, despite it being a finished standard with available hardware. What's that about? Now the marketing whizzes are throwing around the concept of '5G', making everything go incoherent. (0_o)

Just Return The Watch, Or Try On An Un-Tattooed LImb

This isn't a 'bug'. It is skin ink preventing Apple's pulse metering system from working properly. Actual skin without normal skin color transmission and reflection alteration is required. We know enough about how this system works, found under the watch against the skin, to know why skin ink would prevent it from working properly.

The Big DAB Mess That Perfectly Serves No One

Knowing the outright POOR quality of iBiquity's fake 'HD' Radio in the USA, knowing it was a blatant SCAM pulled on the ignorant FCC, I checked out that nature of DAB in Norway. Here's what I found out as per the Wikipedia article on the subject:

http://en.wikipedia.org/wiki/Digital_Audio_Broadcasting

1) Standard DAB digital resolution is only 128 kbit/s via the MP2 standard. This is at least better than the worthless 25 kbit/s 'fallback' resolution of awful iBiquity's fake 'HD' Radio using FM. But DAB is still lossy compression that is noticeably of lower quality than any standard FM radio signal.

2) As per any digital radio standard, once you're beyond a threshold signal strength, the audio simply drops out. It's gone. In intermittent areas or areas of interference, the audio will break up in the usual way of streaming digital media. Despite hype to the contrary, radio listeners would rather listen to the fade out effects of an analog FM signal.

3) Europe sadly added to this mess by creating the upgraded DAB+ standard that is NOT backwards compatible with older DAB. This leaves all older DAB-only hardware as worthless junk.

Reading further into the specs only makes the DAB/DAB+ mess look worse.

If actual DAB is what Norway is choosing to use for their digital radio standard, they are making a GRAVE MISTAKE.

The USA mess that is iBiquity's fake 'HD' Radio can be read about here:

http://en.wikipedia.org/wiki/HD_Radio

Concept: How about THE WORLD comes up with an actual SUPERIOR TO FM quality digital radio standard by booting out corporatocracy biznizz bozoz out of the conversation and instead serving THE CITIZENS what they want and deserve. That means no compromising of audio quality. No lossy compression. No compromised signal strength. No DRM rubbish. No having to pay royalties to some protocol owning corporation. And so forth.

If this concept is to become real, all the utter crap currently foisted on the world under the guise of 'digital radio' has got to first be tossed in the global dumpster, where it belongs.

*sigh* Another Reason To Block 'JavaScript' and Ads

I suspect I'm essentially safe from this attack as I use both ECMAScript ('JavaScript') and ad blockers in all my web browsers. But it makes me sad that blocking these methods of revenue gathering over the Internet has become all the more crucial for maintaining both privacy and security. That HMTL5 is implicated is particularly sad. So much for progress in Internet security. So much for making Internet advertising friendly and helpful. :-P