Posts by Doctor Syntax

Re: meek cars and commuting

"This raises another question: will these cars stop for dogs? cats? squirrels?"

What about pheasants? They operate in two modes, dumb and equally dumb. First mode is to wander along the road ignoring anything that moves. The other is to whiz across in flight but at low altitude, equally oblivious.

Re: Warning! Warning!

'Um, the more correct term would be "Meat-space Driver."'

No, the meat space going to be out there. Dead meat.

Re: Hoodies playing chicken...?

"kept moving slowly forward"

Stop a few yards clear. Put evil grin on face. Ostentatiously check seatbelt's tightness. Rev engine....

Re: Wait a minute...

"it will be fun to see how many driverless cars you can collect on a country road."

Round here, where the country roads are steep, part of the cyclists' idea of fun seems to be charging at top speed down twisting lanes in the middle of the road. And no amount of braking by autonomous cars is going to avoid a collision with a cyclist who's already contributing most of the closing speed.

Re: If I visited dodgy sites...

"Then you find out that the malware is capable of infecting hardware, persisting across reboots, infecting other machines on your network AND escaping VMs to attack machines there."

Do you?

Citation needed. Citation should specifically address BSD as the live OS as that was specified by the OP.

" -100 points for trying to pull the stunt in the first place."

It's not as if this was the first time they've faced public criticism for pulling firmware/crapware stunts. I wonder how long it's going to take for the penny to drop. They're certainly not on my list of people I'll buy from.

"as soon as money was involved"

Money often has effects like that. Nice one.

"China has sovereignty"

Yes it does. In China. UK, the EU, the US, the UNameit aren't China. Our own governments have their own sovereignty to set regulations on what can be legally sold in their own jurisdictions. Regulation is the first step to actually dealing with gray markets.

Re: Security First

"Security first can ONLY come if a Machiavellian Prince with some scruples takes over the world and demands it with extreme penalties for noncompliance. Otherwise, sovereignty, competition, and overall human stupidity will ensure it'll never happen."

Nope. There's nothing Machiavellian about all the existing regulation that ensures that it's illegal to sell vehicles that fail adequate safety standards, children's toys with lead paint, electrical items without adequate insulation etc.

It simply required legislators to see the need for them and use their sovereignty to require stuff sold in their own market places to be safe. They'll get the message here as well. It might take them longer because the TLAs have vested interests. Also it won't stop the Del-boys trying to get round regulation but that's what Trading Standards are there fore. Eventually the mainstream market will supply devices with adequate security.

You might reasonably reply that the rise of market places such as eBay makes it possible for the Del-boys to sell non-conforming items. Yes it will; it also makes it possible for other safety regulation to be by-passed. It's another thing for legislation to catch up with. It's not an entirely separate issue but it's one which will get tackled in due course.

Re: Of course Mozilla will implement it

"They have a tack record of implementing and backing every bad idea."

Nice Freudian slip there, Christian. Tack as in tacky. Spot on.

Re: Wrong

"Straight away you assume that Bluetooth is being used for applications"

Over your head. My whole point was that with some or most Bluetooth access potentially moved to the browser the overall attack surface will be reduced, because now you won't need to download and install native apps permanently anymore for a lot of Bluetooth-related stuff, but can simply run them on-demand from the much safer browser environment.

So the second bit I've emphasised is saying that with Bluetooth in the browser you won't need to download the apps that, in the first bit I've emphasised, you're denying were being used without Bluetooth in the browser? Somehow I don't think you've got your own head round your own arguments. Maybe that's why the rest of us have problems with them.

Re: If this takes off

"I genuinely think they have been trained by companies and the world around them that this is the new normal, and us older buggers are just paranoid."

It's simply the old "experience is a dear teacher but there are those who will learn by no other". They'll learn. They'll also discover the truth of the complementary saying: "experience is something you need just before you get it".

Re: Bah!

"I enjoy living vicariously through others' experience of installing Linux on laptops."

So, here's my little MSI laptop, bought a few years ago for the express use of doing things, namely being taken into libraries and archives for doing research. Download Mint, burn onto disk. Plug USB disk drive into said laptop, insert disk into drive. Start computer, press function key for boot menu and select boot from USB. Mint disk fires up. Select options appropriate to language and time zone. Wait for installer to do its thing. Remove USB drive and reboot.

I hope you enjoyed that vicarious experience.

"I don't enjoy the litany of all the things that won't work properly without hours of fucking about under the bonnet."

Neither do I which is a good reason for not doing them as in the above.

"I need a computer as a tool for helping me do other things, interesting things, not as an end in itself."

And so do I. That little device is still doing exactly that research recording task. It's also a nice little laptop to take when going on holiday - although it works better when I don't do what I did this week: forget to pack the charger!

Re: Bah!

"And to that same foetus who will whine at me about Linux: If I could buy an off-the-shelf machine with the features I want and Linux installed I would have done so twelve months ago."

You youngsters* seem to need someone to wipe your noses all the time.

Buy your favoured drive-less laptop. Download an install image of a Linux distro and copy it to a USB thumb-drive Plug thumb-drive into laptop, blow away the eyeturd (you will find no disagreement from me on your points 1 & 2) and install Linux for yourself. Unless you consider a laptop and a USB stick to be "parts" (you bought such parts in 1993?) no buying of parts is required.

*You claim to be still commuting. That implies you're of working age therefore you're a youngster from my PoV.

Re: Nationalise the lot of 'em

You have to extend that to redundancy etc as well. Depending on the party ruling at the time the state might be very keen on handling all the pensions (not that they've been brilliant at that), parental leave of course. But they're not going to handle the costs of companies adjusting the size of the workforce to changing requirements.

"It's a company whose sole business consists of selling somebody's personal services."

Which, of course, is exactly what the big consultancies do. The difference is scale and hence the ability to fund lawyers against HMRC.

Re: IR35, is currently costing the taxpayer around £440m a year

"But if HMRC really have ignored how the contract "actually works", you'll be able to convince a judge and he'll chuck it out. Been there; done that. Although I only won on appeal."

You may have been lucky. Back in the day when i had to take an interest in such things there were some perverse decisions reported.

Re: "Nice to Have"

"if the standard involves effort (sliding the bolt on the door)"

Too late, there's probably a patent on that.

Re: persuading

"it's not Happy Panda's problem, it's ours."

It's theirs if they can't sell their stuff. Contains full of instant land-fill being turned away at the docks? The message will get through PDQ.

"Finally - as to the suggestion of arresting USERS because they have insecure IoT kit - that's stupid, there is no way that could ever be proposed to be added to law"

That depends on how bad the problem becomes. There are several points to apply pressure.

One is the market place via the types of regulation and certification that's in place already for electrical safety etc. It gives Trading Standards or the like to deal with vendors in the country and for customs to turn away incoming shipments. There's absolutely nothing novel in principle about this, it's just that govts. need to be kicked into motion to get a round tuit.

Another is the ISPs and through them the users. They can be required to put it into T&Cs that non-compliant kit can't be exposed on the net, either outside of firewalls or via uPnP.

Finally, after due warning, the users themselves if they insist on connecting stuff it can be made an offence. In practice, of course, the ISP would almost certainly deal with it by cutting off the customer but having the illegality as back-up to deal with awkward customers.

All this combined would make non-compliant stuff unsaleable. That would lean on the manufacturers more effectively than trying to negotiate international standards.

That leaves countries that are reluctant to get round to doing such things. "Nice internet connection you have there. Shame if it got disconnected for an hour or two now and again. Or a day or two."

Re: The blacklist of things

"Then what happens when innocent users SUE for the collateral damage of them not being able to go on the Internet for no fault of their own?"

What happens? The ISPs learn the advantage of making sure it doesn't happen again. Or, to put it another way, they learn the cost of not having made sure it couldn't happen in the first place.

As per another of your posts, we;re dealing with Stupid here so we need to to take actions that don't depend on Stupid understanding things.

Re: Today the web was broken ...

"Believe me, it's only going to get worse"...

...before it gets better.

Re: Capt. Hindsight

"As long as you are happy to pay manufacturer to have support team that will be resetting these passwords 24/7. Are you ?"

The user sets those. The default password is on the label. You reset it to get that and you then have to set a new password before you can get it online.

You, the user, lost the label? Sorry, can't help you, we don't have a record of it.* You'll have to buy a new one. Please look after that better.

* That prevents anyone ringing up trying to get the default password if it transpires the pile of crap device can be reset remotely.

"DNS resolution is needed for a lot more than just the URL you typed into the browser or clicked in Google. Each of the secondary domains that site calls have to be resolved too, and there can be dozens of them on a fairly typical site on the internet."

To say nothing of the tertiary and quaternary domains. OTOH if this forced sites to serve all their own crap this could be seen as a useful by-product

"The problem as ever will be no company having the balls to do this."

Turn that one round. As one of Nixon's henchmen said, when you have them by the balls their hearts and minds will follow.

Require them to do this.

Re: Home Router Traffic

"Also, to all the standards-talkers, persuade China first, discuss afterwards."

No, require stuff legally on sale and/or in use to meet standards and China will be persuaded.

Re: Standards Bodies need notice

"There is solution but it's not even remotely close to what you're rallying for."

I haven't seen you suggest it.

Re: Standards Bodies need notice

"Do you really want to live in communist utopia where government can control which device you can use to connect to Internet ?"

I didn't see that being suggested. It's not a matter of controlling which device, it's a matter of controlling the safety standards they meet. They'll already by subject to all sorts of safety requirements. For instance the telecoms network operators will already have specs as to what can be connected to ensure it doesn't put harmful voltages on the line or draw excess current. Or are your telecoms providers communist-run?

Re: Standards Bodies need notice

"I just wonder if you notice subtle difference between $30K car and $50 electronic device and how differently both industries regulated."

Your $50 electronic device should already be regulated as regards electrical safety.