* Posts by Philip Mather

15 posts • joined 22 Sep 2014

Your ugly mug may be scanned yet again – but at least you'll be able to board faster at Gatwick

Philip Mather

Actually experienced it...

I know this is against the rules of the Internet but I actually experienced this trial.

First off, they clearly hadn't got access to any other database, "Team" were mashing the "this passport matches this person" button on the manual gateway. My ePassport worked at all stages except this one.

The line of gates were just in front of the seating area pre-boarding, once through there was clearly no intention that you leave. There were no toilets. There were also not enough seats for everyone to sit down. You can imagine.

Random child tailgates perfect stranger as they scan through.

Another unrelated child backs away as parent walks through having lost concentration because of extra gateway.

Original random child miraculously teleports back outside the barrier without warning, or parents who have now gotten into the area.

"Team" goes into meltdown, hilarity ensues.

Did not remove either my beard or my wrap -around Oakleys whilst "Team" manually confirmed I matched my passport and stored photo?

Can't see this working myself, can see people getting very, very annoyed.

Stallman's final interview as FSF president: Last week we quizzed him over Microsoft visit. Now he quits top roles amid rape remarks outcry

Philip Mather

Re: Tracking

Think you mis-understand. Pager's don't communicate is the point, they receive only. If there's no transmission there's no way to triangulate the radio signal back was RMS' point.

He's not talking about the GPS unit sending back his exact location. Disabling the GPS in an Android phone physically is probably not that hard and certainly easy at a software level.

Quantum cryptography demo shows no need for ritzy new infrastructure

Philip Mather

"but isn't this still susceptible to man in the middle attacks?"

"but isn't this still susceptible to man in the middle attacks?"

No they shouldn't be, as per wikipedia (https://en.wikipedia.org/wiki/Quantum_network#Trusted_repeaters)

If you have a Trusted Repeater that repeater will decode your message, if you have a Quantum Repeater then it can't, even though it will be doing error correction to clean and further propagate the signal. I'm a bit vague about whether you would be able to distinguish (from a fundamental point of view) between a remote end point and a TR masquerading as it.

I can understand how the Quantum Repeater works, broadly speaking, based on my degree but I'm not clear about distinguishing an endpoint from a TR. I get the bit where they start talking about Bell States but nobody seems to address the question of identity, but the easy way of telling would be to communicate with yourself via your ISP i.e. have a transmitter and receiver at your end, establish entanglement between them and then examine their state to make sure they are directly entangled.

As per wikipedia...

"A true quantum repeater allows the end to end generation of quantum entanglement, and thus - by using quantum teleportation - the end to end transmission of qubits. In quantum key distribution protocols one can test for such entanglement. This means that when making encryption keys, the sender and receiver are secure even if they do not trust the quantum repeater. Any other application of a quantum internet also requires the end to end transmission of qubits, and thus a quantum repeater."

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Philip Mather

"PS: It appears 64-bit ARM Linux kernels will also get a set of KAISER patches,"

Why has no one asked the most critical question... do I need to patch my Pi?

Also, given the number of recent SNAFU's like this and Apple's login cock-up etc... I'd like to request a new +1 level of FAIL icon so that we can ring in 2018 with a new, appropriate level of numbnuttedness that the existing FAIL icon er... fails to encapsulate this new level.. Something like a double face palm icon?

GRAPHENE: £120m down, UK.gov finds it's still a long way from commercial potential

Philip Mather


Graphene is not really 2D, it's 0.00000034 mm thick.

Skype shuts down London office, hangs up on hundreds of devs

Philip Mather


You didn't anything about it being useful or valuable.

Jeff Bezos' thrusting cylinder makes Elon Musk's look minuscule

Philip Mather

Re: But can it land?

I tell you what if it could launch Westminster Palace instead of the Pentagon in to orbit I'd crowd fund the shit out of it?

Philip Mather

Re: Paper rocket

Rumour has it that Slashdot is in fact running out of a excel spreadsheet.

Philip Mather

Re: ....but third US astronaut to make a flight. (Not counting the apes.)

I was going to crack a "fire Trump into space" joke but actually, genuinely don't want to slur the apes with comparison to that "thing".

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Philip Mather

Game Over

The End.

It's not us, it's you: Boffins ditch supercomputers in lust for new materials

Philip Mather

Re: Scratches head

> Take the electron for example

Don't! There's only one of them, maybe, or not... https://en.wikipedia.org/wiki/One-electron_universe

Monster crowdfunding total raised for Sinclair ZX Spectrum Vega+

Philip Mather

Needs a decent video output format before anyone will care...

"Headphone socket doubles as an A/V connection, allowing stereo audio and composite video connection to a TV. Supports PAL and NTSC formats."

Staff 'fury' as penny pinching IBM offers legal minimum redundo payoffs

Philip Mather

Re: Owners matter too

I think perhaps you missed... "Work is being shifted to lower labour cost countries." ...that minimum wage you're talking about ...it just got a lot, lot lower.

AWS control freak can now manage ON-PREMISES servers

Philip Mather

Even less work for the true BOFH...

Now, when the intersnizzle falls on it's face you can not only wipe you hands of restoring your cloud hosted services but you can claim that you can no longer manage your own on-prem kit as well. ;^)

Let's make the best efforts, decentralised, ball of chaos that is the Internet a single point of failure for our entire civilisation. What Could Possibly Go Wrong?

CloudFlare ditches private SSL keys for better security

Philip Mather

More secure for who exactly?

Strikes me that this appears to absolve CF (now a literal MITM as pointed out) of maintaining private key security which is a good thing for them and also for the "server" to some extent I guess but this leaves two issues...

1) All of the most important traffic between the "client" and the "server" is now concentrated over a far smaller route being that it's now bottle-necked into the MITM (CF). I understand it's not the encrypted content being sent back to the customer's key server, just the "twice" encrypted and then "once" encrypted (on it's return to CF) pre-master secret but that is the "effective" security of the content. Tell me more about this "encrypted channel" between MITM/CF and "server"? Is the "client's" ID/IP transmitted over the same channel? Cloud flare do DNS as well don't they?

2) It always struck me that any architect/engineer with a clue, aware that they were handing over a private key to a third party, carefully considered the security of the MITM/CDN, the importance and sensitivity of the data involved and then segregated it from anything that was unique or otherwise un-cachable (i.e. important stuff). I can see that this would "incline" (?) people to just let CF handle everything and proceed not to think to hard about it.

Not entirely sure about this. It doesn't seem to benefit the end-customer/client at all and doesn't really offer the provider/server much real benefit (rather just shifts some risk about or trades it off from one place to another). The only clear winner here seems to be CF? Is this product cheaper than a "traditional" CDN, I mean they seem to be off-loading the risk of holding a private key? It must increase the network traffic for the "server"? Am I missing something? I dunno.


Biting the hand that feeds IT © 1998–2021