Posts by Oddb0d

Re: sshuttle for the win!

That's basically what sshuttle does, the clue is in the name ;-) It works like ssh port forwarding but without the need to setup the forwarding rules in advance.

Edit: Swarthy wins.

Re: Aerie???

It's a variant spelling of the same word, so yes, but also no.

Re: I live a sheltered life....

I thought the exact same thing as wolf attacks near SPB Software's development HQ are not new, as this story from 1911 attests.

Re: Thrupenny bits

Breaking news: Anon lands failwhale, promises to readmore in future.

Re: I have published a similar study for detection of nuclear weapons

Anyone wanna pay 40$ so I can see the original paper?

Somebody already did https://www.dropbox.com/s/x2z14gw8017ezbg/for%20reddit.pdf

Re: Dual boot == information leakage

I don't think you've quite thought this through.

How exactly do you acquire Sgt Bloggs in the first place? OK, so you've managed that somehow (let's assume he was wearing an "I shot Bin Laden + I am The Stig" t-shirt), what additional benefit is there from being able to possibly track this target some of the time? OK, so you've justified this nonsense somehow, how do you make the link between what are essentially 2 different handsets? Guess? Or assume that the developers were so incompetent that they have allowed a unique identifier to be associated with secure and insecure operating modes?

If you are able, somehow, to get close enough to Sgt Bloggs to compromise his phone, what's the point in planting "tracking data", you already know where he is and can use the same techniques used to locate him in the first place.

Even if you have practical answers to the problems indicated above it is worth keeping in mind that this article is a journalist's impressions of a sales demo, all the stuff about military/spy usage sounds like pure speculation as it's all unsourced.

Re: Jail time I hope

You would do well to learn the difference between criminal and civil proceedings. This was a civil dispute between two private parties, unless one of the parties ignores the Judge's orders then a custodial sentence is not an option.

Re: Can I format it in FAT16?

Under Windows 2000 & later the DosDevices (aka drive letters) are merely references in the registry that point to the actual storage volume which could be an mbr partition, gpt partition or unpartitioned media like a USB stick or optical disc i.e. they are only shortcuts & are completely arbitrary as far as the OS is concerned.

Drive letters are only for backwards compatibility so the limit remains as it has since the DOS age (maybe since CP/M & QDOS):- 26 letters less the one used for the system drive.

Maximum partitions per drive would be a much more interesting question, I've found someone who has managed to create 350 partitions on a single drive inside a virtual machine but the actual maximum eludes me as this may be a limit of the diskpart command.

Re: That's my problem with UPnP port forwarding

You could even have made it more stupid-user friendly by having dedicated firewalls and and devices have a button (like the WiFi paring button) that could allow for this to be done automatically: Press the gizmo's button, press the firewall's button at the same time, done.

WiFi Protected Setup probably isn't the best example as many implementations have a nasty PIN flaw that is easily exploited, further reading: http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf

What IS direct buried cable?

I am not quite sure what you mean by "direct buried cable".

As a rule of thumb Telstra is responsible for maintenance up to the network boundary which on the average free-standing house ends either at the grey Madison box on the outside wall or the nearest socket inside the premises.

"Would you trust your data to a company run/owned by someone with his track record?"

Definitely not, but that's because I do know his track record, including but not limited to his hacking/carding arrest in '94, the letsbuyit.com insider trading scam and subsequent collapse, the accusations of attrition.org supporting a Pakistani terror cell, the YIHAT era (aka Kim finds Bin Laden's loot), his deportation from Thailand, the Kimvestor AG loan scam including his embezzlement conviction, his world HQ being a Hong Kong virtual office, the claims of hacking Citibank & giving $20m to Greenpeace etc..etc..etc..

Unfortunately a lot of people (apparently including some Reg hacks) don't know about this stuff and think of Kimble as a stand up guy sticking it to the US authorities.

Re: BIG DEAL

> To me this is just marketing BS.

Since it's probably just an existing model with tweaked firmware, I have to agree on this point.

> What's the use of a 2.5" for a non mobile device.

Lower power consumption, lower operating noise, greater storage density (2.5" drives @7mm height fit in 1/6 of the space of a single 3.5") and increased flexibility in chasis layout due to a smaller physical size, those are all pretty good reasons.

>Who needs 12 simultaneous video streams at home and do you really believe it will be stutter free sharing 100MB/sec ?

The manufacturer doesn't explain what that figure means or how it's derived but if you consider the typical data rate for a Bluray movie is around 36Mbps then 12 simultaneous streams should be no problem. The necessity for multiple stream recording comes from the market for CCTV DVRs which now typically record 16 channels of 720p video simultaneous.

Possible? Yes. Practical? Not yet, maybe never.

Yes I believe so but there's a big catch, the researchers claim to have done it knew exactly what data they were looking for in advance! To the best of my knowledge nobody has ever successfully performed recovery of unknown data from an overwritten hard disk. For more on the topic see "Overwriting Hard Drive Data: The Great Wiping Controversy" by Craig Wright, Dave Kleiman & Shyaam Sundhar.

The hardcore method of forensic recovery (beyond part swapping) from a failing/failed/overwritten disk is still expensive and time consuming even for large orgs, for further reading see the book "Spin-stand Microscopy of Hard Disk Data" by Isaak Mayergoyz and Chun Tse.

Put it this way, the Centre for Magnetic Recording Research at UC San Diego have been unable to recover anything from overwritten hard disks that employ PRML (i.e. all modern hard disks), this is important because this was the institution that requested T13 & T10 add the sanitize commands to the ATA & SCSI standards.

@Steven Roper: Several emergency numbers were considered for Australia, 000 was chosen for multiple reasons. The first being that it's hard to dial by accident (same reason as 999) and the second was that in far flung regional areas that had very basic automatic exchanges, 0 was the auto trunk access number so dialling it 3 times in a row would at the very least get you a Central Office operator. 111 was no good as phone and exchange equipment was all mechnical, a poorly lubricated phone dial or faulty exchange relay could lead to accidentally dialling emergency whenever you dialled any number beginning with 3 or higher, this is because the slow travel of the dial would cause the exchange to recognise the make-breaks as individual digits i.e. 3 ones instead of 1 three. New Zealand is slightly odd in that they chose 111 for the reasons above, the difference being that their dials are numbered 1-9 instead of 9-1.

Re: Thanks for clearing up the badge thing.

Probably for a lack of irony considering Dotcom has previously gone by various stupid names including the classics Kim Tim Jim Vestor and Royal Highness Kimble the First.

Re: And I'd love to see...

@A J Stiles: The Lexar Jumpdrive Mercury, which includes an e-ink based capacity gauge, was introduced at CES 2006. Calculating free space within a filesystem is a complicated matter but the overall drive usage is trivial given that the flash controller already maintains an allocation table used for garbage collection, the number of unallocated pages is a "good enough" indicator of free space.

@Stoneshop: That would just add complexity, besides, all the host sees with a modern drive is a big block device, only the controller/firmware really knows what the capacity, usage and other layout details of a drive really are.

BTW In the case of hard drives I think it's a rather odd idea, either the drive is connected to a host which lets you see the free space or it's not currently in use in which case its capacity is surely more important than its free space.

Re: Check this out ...

That's entirely the problem, electrolysis requires electricity. From paragraph 4 of your link, "To break the molecule down, a voltage of 0.37V needs to be applied across the cell - much less than the 1.23V needed to split water." In the photos, where is the electricity source that is supplying the electrolytic cell?

Although possibly true an equally likely explanation is that this contraption is exactly what it appears to be, a car battery connected to an inverter with a light bulb on the end. The green tank (which looks like an old refrigerant bottle), water filters, "one-way valves" (which look like in-line fuel filters from a car) and in fact the generator itself appear to be just decorations.

The author is implying that there is vendor lock-in with both companies because Kindle users generally buy books from Amazon & iBooks users from Apple's iBookstore, however this is only true as far as people are lazy and/or ignorant as noted by the author in the next paragraph.

One of Amazon's ebook formats (AZW) is the common MOBI file format but is normally protected with their proprietary DRM scheme. The other Kindle format (Topaz or TPZ) is unique to Amazon and uses a different encoding scheme but the same DRM as AZW. However all Kindle's can display unprotected MOBI files that can be purchased from ebook stores other than Amazon.

Apple does the same thing with the iBookstore i.e. they use a common ebook format (in this case ePub) and apply their FairPlay DRM to it. As with the Kindle, iBooks can read the unprotected base format which allows access to titles from other bookstores.

Re: So - read the licence.

The stats being discussed were clearly taken from installs of MS Security Essentials (and possibly Forefront) which requires user permission to report detections back to MS, it is clearly stated when you install the program and is easily turned off with a single checkbox.

I fail to see anything unethical here.

Re: Apple Quicktake

There is apparently enough info on the web to deal with that format, try here

http://blog.richardsprague.com/2005/01/quicktake-camera-photo-conversion.html

or try Image Converter by Bitten Apps, the current changelog specifically states "Fixed a bug where the application would refuse to open QuickTake PICT files."

http://itunes.apple.com/us/app/image-converter/id437491380?mt=12

Scorpions in my vagina?!?

Actually it would fit the modus operandi of these colourful characters almost perfectly. Kevin Bermeister already tried suing the RIAA using one of the same patents back in '04...

http://news.cnet.com/P2P%20company%20sues%20RIAA%20over%20patent/2100-1027_3-5357332.html

...and when that didn't pan out, Altnet went after Streamcast...

http://www.slyck.com/news.php?story=1264

...now they're BFFs, this must be a textbook definition of patently absurd.

SSID broadcasts (aka beacon frames) are not relevant to what is described in the article.

WiFi adaptors periodically send probe requests in an attempt to connect to the closest "friendly" network which is to say one that the device has previously been connected to. The trick here is that the researchers setup multiple access points that listen for these probes and then recorded the MAC address (this is a guess on my part but it's the most obvious method of tracking a single device). As the device is moved from one place to another they simply follow the trail of probe requests that contain the same MAC address and voila you can track a device, and by extension a person's, movement in a completely passive way.

Re: Yep - that's Sony

Sorry Philip but A.C. is quite correct, the reason you need SonicStage is because of the DRM system (OpenMG) and proprietary audio coding (ATRAC). Early Sony players can't decode MP3s (despite what the marketing claimed) they only support ATRAC audio with SonicStage "helpfully" transcoding before upload to the device.

Why? Because SonicStage pre-dates flash based music players, it was previously used in conjunction with Sony's MiniDisc devices.

Fair but cut the author a little slack

The acronym is expanded below the article, where the tags are. Besides it's an easy thing to overlook when you're writing with length & deadline in mind.

I'm pretty sure that honour goes to the plethora of Pong clones however Giana draws a better parallel with this story due to Nintendo's legal action at the time of release.

R.I.P. Armin Gessert

Re: Privacy?

Yeah you're right it's clearly a typo. But, on the other hand, the indictment accuses MU staff of searching people's uploads to locate material that was later added to megaporn & megavideo. It seems unlikely that they bothered telling their customers before doing this so privacy violation is a possibility.

http://www.nbr.co.nz/sites/default/files/images/78786408-Mega-Indictment.pdf

Re: What OS will run on it ?

A reasonable guess except Valve's also looking for a Mechanical Engineer and a Firmware Engineer, that suggests something more interesting is in the pipeline. Who knows maybe they'll include a Grav Gun with HL3 pre-orders?