Philip Mather • User • The Register Forums

Your ugly mug may be scanned yet again – but at least you'll be able to board faster at Gatwick

Wednesday 18th September 2019 12:00 GMT Philip Mather

Actually experienced it...

I know this is against the rules of the Internet but I actually experienced this trial.

First off, they clearly hadn't got access to any other database, "Team" were mashing the "this passport matches this person" button on the manual gateway. My ePassport worked at all stages except this one.

The line of gates were just in front of the seating area pre-boarding, once through there was clearly no intention that you leave. There were no toilets. There were also not enough seats for everyone to sit down. You can imagine.

Random child tailgates perfect stranger as they scan through.

Another unrelated child backs away as parent walks through having lost concentration because of extra gateway.

Original random child miraculously teleports back outside the barrier without warning, or parents who have now gotten into the area.

"Team" goes into meltdown, hilarity ensues.

Did not remove either my beard or my wrap -around Oakleys whilst "Team" manually confirmed I matched my passport and stored photo?

Can't see this working myself, can see people getting very, very annoyed.

4 0

Stallman's final interview as FSF president: Last week we quizzed him over Microsoft visit. Now he quits top roles amid rape remarks outcry

Tuesday 17th September 2019 19:26 GMT Philip Mather

Re: Tracking

Think you mis-understand. Pager's don't communicate is the point, they receive only. If there's no transmission there's no way to triangulate the radio signal back was RMS' point.

He's not talking about the GPS unit sending back his exact location. Disabling the GPS in an Android phone physically is probably not that hard and certainly easy at a software level.

7 0

Quantum cryptography demo shows no need for ritzy new infrastructure

Friday 15th June 2018 09:32 GMT Philip Mather

"but isn't this still susceptible to man in the middle attacks?"

No they shouldn't be, as per wikipedia (https://en.wikipedia.org/wiki/Quantum_network#Trusted_repeaters)

If you have a Trusted Repeater that repeater will decode your message, if you have a Quantum Repeater then it can't, even though it will be doing error correction to clean and further propagate the signal. I'm a bit vague about whether you would be able to distinguish (from a fundamental point of view) between a remote end point and a TR masquerading as it.

I can understand how the Quantum Repeater works, broadly speaking, based on my degree but I'm not clear about distinguishing an endpoint from a TR. I get the bit where they start talking about Bell States but nobody seems to address the question of identity, but the easy way of telling would be to communicate with yourself via your ISP i.e. have a transmitter and receiver at your end, establish entanglement between them and then examine their state to make sure they are directly entangled.

As per wikipedia...

"A true quantum repeater allows the end to end generation of quantum entanglement, and thus - by using quantum teleportation - the end to end transmission of qubits. In quantum key distribution protocols one can test for such entanglement. This means that when making encryption keys, the sender and receiver are secure even if they do not trust the quantum repeater. Any other application of a quantum internet also requires the end to end transmission of qubits, and thus a quantum repeater."

2 0

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Wednesday 3rd January 2018 10:26 GMT Philip Mather

"PS: It appears 64-bit ARM Linux kernels will also get a set of KAISER patches,"

Why has no one asked the most critical question... do I need to patch my Pi?

Also, given the number of recent SNAFU's like this and Apple's login cock-up etc... I'd like to request a new +1 level of FAIL icon so that we can ring in 2018 with a new, appropriate level of numbnuttedness that the existing FAIL icon er... fails to encapsulate this new level.. Something like a double face palm icon?

4 0

GRAPHENE: £120m down, UK.gov finds it's still a long way from commercial potential

Tuesday 14th February 2017 13:23 GMT Philip Mather

2D

Graphene is not really 2D, it's 0.00000034 mm thick.

4 0

Skype shuts down London office, hangs up on hundreds of devs

Monday 19th September 2016 11:58 GMT Philip Mather

Clippy

You didn't anything about it being useful or valuable.

12 0

Jeff Bezos' thrusting cylinder makes Elon Musk's look minuscule

Tuesday 13th September 2016 15:27 GMT Philip Mather

Re: But can it land?

I tell you what if it could launch Westminster Palace instead of the Pentagon in to orbit I'd crowd fund the shit out of it?

1 0

Tuesday 13th September 2016 15:25 GMT Philip Mather

Re: Paper rocket

Rumour has it that Slashdot is in fact running out of a excel spreadsheet.

0 0

Tuesday 13th September 2016 15:22 GMT Philip Mather

Re: ....but third US astronaut to make a flight. (Not counting the apes.)

I was going to crack a "fire Trump into space" joke but actually, genuinely don't want to slur the apes with comparison to that "thing".

2 1

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Tuesday 14th June 2016 09:02 GMT Philip Mather

Game Over

The End.

10 0

It's not us, it's you: Boffins ditch supercomputers in lust for new materials

Friday 10th June 2016 14:21 GMT Philip Mather

Re: Scratches head

> Take the electron for example

Don't! There's only one of them, maybe, or not... https://en.wikipedia.org/wiki/One-electron_universe

11 0

Monster crowdfunding total raised for Sinclair ZX Spectrum Vega+

Tuesday 29th March 2016 16:30 GMT Philip Mather

Needs a decent video output format before anyone will care...

"Headphone socket doubles as an A/V connection, allowing stereo audio and composite video connection to a TV. Supports PAL and NTSC formats."

0 1

Staff 'fury' as penny pinching IBM offers legal minimum redundo payoffs

Monday 14th March 2016 15:16 GMT Philip Mather

Re: Owners matter too

I think perhaps you missed... "Work is being shifted to lower labour cost countries." ...that minimum wage you're talking about ...it just got a lot, lot lower.

0 0

AWS control freak can now manage ON-PREMISES servers

Friday 6th March 2015 12:33 GMT Philip Mather

Even less work for the true BOFH...

Now, when the intersnizzle falls on it's face you can not only wipe you hands of restoring your cloud hosted services but you can claim that you can no longer manage your own on-prem kit as well. ;^)

Let's make the best efforts, decentralised, ball of chaos that is the Internet a single point of failure for our entire civilisation. What Could Possibly Go Wrong?

0 0

CloudFlare ditches private SSL keys for better security

Monday 22nd September 2014 21:39 GMT Philip Mather

More secure for who exactly?

Strikes me that this appears to absolve CF (now a literal MITM as pointed out) of maintaining private key security which is a good thing for them and also for the "server" to some extent I guess but this leaves two issues...

1) All of the most important traffic between the "client" and the "server" is now concentrated over a far smaller route being that it's now bottle-necked into the MITM (CF). I understand it's not the encrypted content being sent back to the customer's key server, just the "twice" encrypted and then "once" encrypted (on it's return to CF) pre-master secret but that is the "effective" security of the content. Tell me more about this "encrypted channel" between MITM/CF and "server"? Is the "client's" ID/IP transmitted over the same channel? Cloud flare do DNS as well don't they?

2) It always struck me that any architect/engineer with a clue, aware that they were handing over a private key to a third party, carefully considered the security of the MITM/CDN, the importance and sensitivity of the data involved and then segregated it from anything that was unique or otherwise un-cachable (i.e. important stuff). I can see that this would "incline" (?) people to just let CF handle everything and proceed not to think to hard about it.

Not entirely sure about this. It doesn't seem to benefit the end-customer/client at all and doesn't really offer the provider/server much real benefit (rather just shifts some risk about or trades it off from one place to another). The only clear winner here seems to be CF? Is this product cheaper than a "traditional" CDN, I mean they seem to be off-loading the risk of holding a private key? It must increase the network traffic for the "server"? Am I missing something? I dunno.

1 0

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Posts by Philip Mather