* Posts by GrapeBunch

825 publicly visible posts • joined 19 Apr 2015

Page:

How to confuse a Euro-cop: Survey reveals the crypto they love to hate

GrapeBunch

Re: Encryption will only work as intended until everybody is using it all the time

" @Whitter Stenography is your friend.

Shorthand? Do you perhaps mean "steganography"? "

That never worked. The dinosaur broke the pencil.

Hyperloop One settles hangman lawsuit

GrapeBunch

"I wasn't dreaming, I was levitating", she said, "and later I slept so much better."

Microsoft's cmd.exe deposed by PowerShell in Windows 10 preview

GrapeBunch

TCC

I use the free version of TCC as a command line. Some improvements over cmd.exe, and loads in ... half a second?

Customer data security is our highest priori- ha ha ha whatever, suckers

GrapeBunch

Re: Company law

"The problem in the UK has always been short term thinking" so the fat directors fill their faces with roast EFF while outside in the rain Oliver Twist and Tim Cratchit are wrestling through the ordure over a shard from Nell Gwyn's wooden leg.

GrapeBunch

Re: The seventies version of the future was so much cooler ...

not Star Trek ... so much for vaunted German audio systems. I could hardly hear what they were saying. What language were they speaking? Blaupunkt my ass.

GrapeBunch

Re: Aw poo.

Hey, Dabbsy, I'll take the 19 KGB off your hands, before the FBI steps in and takes it. Thunderbirds launch sequence reminds of Wallace and Gromit. Pity the Beach Boys, they're serfs too.

Antivirus tools are a useless box-ticking exercise says Google security chap

GrapeBunch

There needs to be a secure protocol for what we now do with email, including checking origins. Gov'ts don't like this because it means that communications will be private.

I had a funny thought about whitelist implementation. Instead of on/off, your security software will give you a probabilistic choice. For example, say you want to install Microsoft Word (which comes with the old-fashioned baggage of Word macro viruses, ETC.). Instead of saying "No", the security software would say "Pay me $5" (which might be the average cost of defending the vulnerabilities). This is not just "funny", but it might have good effects on app writers to reduce or eliminate the vulns in their opera. "That's not a $5 bill, it's just a jpeg of a mall statue!"

Finally, would a setup much like Virtual computing improve security for computers that access the internet? You have a nice powerful computer, but you expose to the world only a known good configuration, a sandbox if you like. During coffee break, the system compares with the known good configuration, shuttles away anything that's been changed, restores the known good configuration, and after automated examination of the shuttled stuff, makes available the non-executable portions, maybe not at the same terminal. The known good configuration and the software which manages the sessions would be in "ROM", perhaps even literally. Loss of the "cache" would be annoying, but might improve work habits. Readers who are old enough or who travel may remember there was such a thing as an "Internet Cafe", which evolved to use a similar schema between customers. In my own town we have Internet at the Library, run on a similar basis. Too crude, too obvious, too cold? For most of the people I help, the ability "seamlessly" to go back to a known good configuration would solve most of their computer problems. Yesterday, one of them was typing a reply in gmail and apparently in trying to type the character "+" (which is Shift-+=) her finger slipped and she accidentally typed Ctrl-Shift-+=, which is a command to gmail to increase the font size. gmail is mostly OK with vertical scrolling, but not so good with horizontal scrolling and the interface soon became impossible because she couldn't read what she was typing. It required a house call. OK, maybe turning off gmail keyboard shortcuts would solve this particular problem. And maybe being able to go back to a known good config would not help in this case because the font size is stored in google's cloud rather than on the user computer. But you get the drift.

Nest Cam: A compelling piece of hardware-software

GrapeBunch

Smart home

In 1979 I was about to buy a first-ever computer, for the office-home. The two finalists were both from North-Eastern Ohio, curiously a "silicon valley" that wasn't, eh? The Ohio Scientific machine had a dealer, whom we visited in a nearby city. Either machine would have the power to do what we wanted. The Ohio Scientific dealer touted his brand's extra facility, which was, with the help of add-ons, to control lights going on and off in the office-home. For security and convenience. The demo went on for over an hour (remember, in 1979 a computer with 48K of RAM could cost $us5,000). Afterwards, my colleague and I disagreed about the value of the office-home automation facilities. I thought it had zero value; she thought it had negative value! Yet here we are almost four decades later and the smart home stuff is ubiquitous and sometimes imposed upon us, instead of toasters that just work.

We went instead with the more standardized (for the day) option, a 64K RAM S-100 Z80 system running CP/M 2 with dual 8" double-sided, double density (1.2 MB) floppy drives. That's right, no hard drive or solid state memory. Ohio Scientific (OSI), with its proprietary system, fell off my radar after a while. Which makes sense in light of their wikipedia entry. If OSI had touted the smart home to electricity utility execs (i.e., people spending other people's money) instead of to end-users, would their founders have become early billionaires? Would I have become even crankier?

British politicians sign off on surveillance law, now it's over to the Queen

GrapeBunch

VPN

Would using an offshore VPN effectively blindfold this surveillance?

Security bods find Android phoning home. Home being China

GrapeBunch

Re: Provider of firmware over the air

Firmware over the air. Electric "smart meters". Either the firmware is fixed, and therefore forever hackable by all exploits. Or the firmware can be upgraded over the air, in which case somebody can reverse-engineer the upgrading process and install JoungSploder TM firmware. Or the utility company will send out a million little men with a screwdriver and a box full of ROMs. Ha ha.

GrapeBunch

Confused

Teenage hackers go to jail for far less. Why is this systematic theft merely a curiosity?

Harder, better, faster, stronger (apparently). The IronWolf goes Pro

GrapeBunch

What do those government and corporate data centres use to store our personal information that they've slurped? When capabilities don't advance as quickly as I thought they might, I always imagine that google or NSA has ordered an entire production run of The Latest Thing.

Are they really marketing a device that claims to be able to rewrite itself 37.5 times in a year? Sounds ideal for slurping, not for database management. Or am I misunderstanding the jargon, or is my eyesight bad?

Microsoft just got its Linux Foundation platinum card, becomes top level member

GrapeBunch

Re: Great news!

"Until they fork it". I'd be more concerned about poisoning the well.

Fujitsu: Rumours of our PC demise have been greatly exaggerated

GrapeBunch

One plus one

I like the one plus one equals three quote. So after the agreement, we'll have Lenovo, and we'll have Fujitsu, and we'll have, what, Fleajitsu? NovoFudge?

Firefox hits version 50

GrapeBunch

Re: Android

"Chrome uses undocumented Android API's"

Just like MS and Windows. The security risk was a good reason never to use MS applications when running Windows, and sounds like a good reason to use another browser (e.g., FF or Opera/Chromium) in Android.

Tabs, windows, history, bookmarks, export/import, cache, sessions, refresh, previous page, first page, last page, cloud bookmarks ... they're all facets of the same thing. I can't help but hope that one day we'll have a user-friendly interface that encompasses all of these concepts in a customizable but by default more straightforward way. Here's a tiny f'rinstance. Some sites don't have favicons, or historically they didn't have favicons. There was a FF extension that would help with favicons, but only in the Bookmarks list. The same favicons would not appear in the tab bar because of the way FF was organized. This went on for years. Not sure if it is still the case, but while it was a ffactor, it was eFFing annoying.

Gone in 70 seconds: Holding Enter key can smash through defense

GrapeBunch

Forest

So it's 70 seconds, regardless of the key-depressed-repeat-rate and the key-depressed-repeat-delay?

Standing back, this looks like another way to say buffer overrun. I'm not even sure why that was ever a thing. It's like you dimension an array to 100, but if a process contrives to ask for record 110, it's not a computer room anymore, it's a computer shroom. Before you press the down arrow, I'm not criticizing linux, but I might be criticizing (certain implementations of) a programming language.

GrapeBunch

Re: Missing item in the series?

Hsilop Notation - How dare you inslut dylsexic Hislop's?

Dirty code? If it works, leave it says Thoughtworks CTO

GrapeBunch

Dirty as opposed to clean?

I thought that dirty code was stolen code, as in the code whose functionality you need to replicate using "clean room" methods. So what is "dirty code" in this context? Code written to standards that are no longer fashionable?

I wrote a program suite in CB-80 to run in CP/M. When the time came to recompile this for CB-86 and DOS, my successor was pleasantly surprised, he needed to change only a couple of lines out of thousands. When "the competition" decided to advance to a new platform, they were down for about nine months. Was my code "cleaner"? No, we were lucky.

China gets mad at Donald Trump, threatens to ruin Apple

GrapeBunch

FIPPA

Canada signed a long-term trade deal (called FIPPA) with China. We're ... (rhymes with 'crude'). So totally .... Keep your peckers up, United Statesians, your battle is yet to be fought.

Post-outage King's College London orders staff to never make their own backups

GrapeBunch

Re: You are slightly missing the point

Then procedures should require that the sensitive data backup be encrypted, whether it is stored on a USB drive or on the institution's own backup array. So we return to security by obscurity and obfuscation.

GrapeBunch

I foresee a return to a role for offline computers running obsolete OSes, pared down to a tiny number of applications, little or no security, communicating if necessary by sneakernet. There will be a place for the networked, secure, up-to-date computer, as a place to test USB sticks for malware before those sticks join the sneakernet. The machine the institution or company dumpsters today, you might wish tomorrow to have rescued. Those isolated machines will require their own localized backup strategies. With multi-TB self-powered 2.5" USB drives cheaply available, the strategy need not impress the Nobel Committee.

Boffins find Galaxy making killer radiation, rule out Samsung phone as source

GrapeBunch

The Inferno

Fred (and Geoffrey) Hoyle (of Steady State Cosmology fame) in 1973 wrote a novel The Inferno about the effects on earth-life of what seemed to be a Nova rather too close for comfort. This is the book where the Astronomers and the Physicists get together in a room at an Observatory in Australia, figuring out how close this thing need be to fry us, the Astronomers start talking about kiloparsecs, and the Physicists look back blankly. "What the devil is a parsec?" Too funny. Then pages of equations...

My first computer, in 1979, was a Quasar Data Products-100. In those days a Quasar was the most powerful known source of radiation in the Universe, though I guess now that would be a Samsungsar. Sic transit lumina.

Adult FriendFinder users get their privates exposed... again – reports

GrapeBunch

400 million accounts? I wonder how many of those are "managment" accounts. I don't mean "staff" accounts, I guess I mean "database management" accounts. For example, to convince male clients that there are sufficient female clients. And how many are some guy setting separate accounts with every gender / gender orientation / age / hair colour^H^H^H^H^H^Horientation he can think of, to generate the max number of "hits".

CERN also has a particle decelerator – and it’s trying to break physics

GrapeBunch

Re: Next question...

Thanks. "A Catching Trap for All Antiproton Seasons" might calm my qualms. In some alternative Universe, LOL.

GrapeBunch

Re: Next question...

For decades (and yes, it's made me decadent) I've toyed with the thought that anti-matter experiences anti-gravity in relation to matter. That would make gravity some little bit symmetrical with charge. Like charges repel; opposite charges attract. In gravity, like matter attracts; opposite matter, well, in this scenario, repels. I also wondered if anti-grav would make redundant all that dark matter / dark energy stuff they keep droning on about. If they're using laser beams (rather than the Scales of Justice) to measure mass, perhaps my anti-grav idea still has a few months of plausibility left in the can.

Google makes it to third base with Home digital assistant

GrapeBunch

Re: I am joined to both ecosystems

"from ecosystem-exiters, one assumes)"

Rest assured that our colleagues at Ecosystem-bristol and Ecosystem-plymouth will also downvote you.

GrapeBunch

Re: Kitchen interface for Spotify

"But it has to be an earth-shattering kaboom box..." but to all of them, it's a ka-ching box.

Mozilla officially kills Firefox OS for smartphones in favour of 'Connected Devices'

GrapeBunch

Fire Foxos, the Final Fork

Does that mean anybody could step in and take over? In other words, is the work they've done now free software? For goose, for gander, same sauce is?

As to Firefox itself, I still use it, but maybe I should be glad that I don't ask much of it. Also use Vivaldi and Opera. Have never used MSIE, except in extremis. Gradually became disenchanted with Google Chrome and erased it from all my machines. Yes, I know that Vivaldi and Opera are based on the Chromium engine.

As to Firefox, a couple of years ago I noted that the author of the best Firefox extensions I ever encountered, quit Mozilla code writing stone cold. It had something to do with the bureaucracy surrounding each new FF release, and ~qualifying~ your extension to work on it. So yes, I have an old install of Firefox in reserve, just as I have Opera 12.17 for its "create follower tab" feature, thereafter discontinued.

Teen in the dock on terror apologist charge for naming Wi-Fi network 'Daesh 21'

GrapeBunch

100-yard dash

With that title he could get done for five crimes: supporting terrorism; reverting the course of justice; using a non-SI unit; using a foreign language; using sounds that don't exist in French (where we write 'sh', they would write 'ch' to make the same sound). Godwin's Law: it's a brick house, just the same.

Fresh Euro Patent Office drama: King Battistelli fires union boss

GrapeBunch

Not funny, outside of a small circle of friends

The skit would have a board member say: "I don't want to lose fass". That's an understandable mispronunciation of "I don't want to lose face" for somebody whose main knowledge of English is through the written word. O Patent Office. The possible humour lies in the confusion with: "You bloody well *should* want to lose farce", as well as "loose fascist". It should end in a fass plant.

Cohesity COO Riccardo Di Blasio cut loose by board after HR probe

GrapeBunch

Cohesity. Isn't that an oxymoron?

Today the web was broken by countless hacked devices – your 60-second summary

GrapeBunch

Parallel Universe of IoT hurt

as smart fridges and their IoT ilk get slotted in via "Smart Meter" routers, over which punters may have no control. Incidentally, can any North American "Smart Meter" user report whether these things sport a CSA, UL or FCC logo?

This speech recognition code is 'just as good' as a pro transcriber

GrapeBunch

yo homies sup?

The type of conversation with error rate greater than 10%--family-based--must be among the more difficult ones to interpret. First, there would be no attempt on the part of the speakers to mask any local accents or dialects. Second, they could be speaking in code. For example, when a person says "uh-huh", are they clearing their throat, or is it a meaningful contribution to the discourse, a token for a paragraph's worth of words? Third, they can refer to people by name, or by nickname, or by relationship or by creative insult. The only conversation that I think could be more challenging, would be between teenage friends.

Some years ago I heard a CBC radio interview of a newspaper reporter who developed an RSI through typing, presumably at a computer terminal. So he switched the text recognition software, best that money could buy at the time, one would assume (he was working for a top newspaper) but before long developed a vocal RSI, even more debilitating, because the software would not understand him unless he stopped briefly between each word. He took part in the interview only with some difficulty.

A final thought-sac: if they released very good OCR or speech recognition software, punters would reach a stage where they'd rarely be inspired to buy the next version or upgrade. It's a bit like Windows, where they're forever taking "one step forward, two steps back" to make your current User Experience on a par with Windows 2000 (taking into account that faster CPUs and gargantuan RAM should have improved your experience). At this point, one might well ask "so what's the excuse of [alternative family of OSes]?", but I'll put it in a more positive way, that I'm hoping they blow MS Windows out of the water on every level, before long.

Mysterious algorithms, black-box AI recruiters are binning our résumés

GrapeBunch

AI

Bottom line, if I include "AI Programmer" or "AI Systems Analyst" in a CV, they'll regard it as a Good Thing, the fools. "AI Technician" maybe not so much, unless it's a farm job. Funny thing, though, the extraction and massaging of wordy data from text, which is the programming I did for a couple of decades, seems to pass as AI. AI, no lie.

Sweet, vulnerable IoT devices compromised 6 min after going online

GrapeBunch

Re: IoT

"I do know one thing and that NO, repeat NO IoT device will ever be connected up in my home." In some jurisdictions, an electric "Smart Meter" is mandatory. Although one hopes that the electric utilities which own these meters will be more security-conscious, they still have the same IoT weaknesses mentioned in other comments. And the possibilities to wreck mischief go far beyond DDOS.

Smell burning? Samsung’s 'Death Note 7' could still cause a contagion

GrapeBunch

Re: Any chance...

<sterling versus yankee dollars> Paul Whitehouse, the Welsh actor, doing his geezer skit could set you straight on that.

US govt straight up accuses Russia of hacking prez election

GrapeBunch

Look at it from their point of view

Take the name of a candidate, transliterate it to Russian, then back to English: Tramp. It is impossible to pronounce the name of the other candidate in Russian. If you put the stress where it belongs, on the first syllable, that degrades the sound of the unstressed vowel. So CLIN-tan is about as close as you'll get.

"We watched the Presidential Debates with much mirth. Comrade Ivan Nikolaevich proposed that each time we laughed, the sinner should propose a toast to one of the 50 glorious States. By the time we got to Ouaioming, Ivan Nikolaevich himself was completely plastered. We were finished the 50 States, but the debate was still going. Suddenly, Boris Andreevich said "Puerto Rico!". By the time we were truly finished toasting, there were 257 glorious States, including our beloved Rodina."

British Gas wins pre-paid smart meter patent lawsuit

GrapeBunch

bonus pretii ?

Surely state-employed hackers are assembling arsenals (one arsenal per state) of "smart meter" exploits to deploy should things ever get "hot". You might imagine that these exploits would be "up to" cutting off your service, but where electricity and natural gas are concerned, exploits can be far more deleterious than that. I'm glad to see that payment is integrated into the function of some smart meters. Perhaps this will attract the attention of private or commercial hackers for present-day exploits. This will have two benefits: it will allow Utilities a practice-ground to see how to defend against everyday threats (the threats from states are likely to be more powerful because a: they have more resources; and b: their arsenals will include exploits where they aren't afraid of getting caught); and the rest of us may begin to ask why our utility conduits are labelled "Blow Me (Up)".

And! it! begins! Yahoo! sued! over! ultra-hack! of! 500m! accounts!

GrapeBunch

From the numbers, as many US adults were victims of the hack as were not victims. It seems more that the "class" of the action is the average citizen. It would make more sense if the government settled on behalf of all citizens for $1 (or more) per citizen, precluding all other US class actions, but not individual claims. And take $1 off everybody's tax bill. Ha. Ha. Ha ha.

Windows printer bug fixed

GrapeBunch

Re: Printers. Pah!

"My current printer, a Postscript Lexmark C543dn ..."

Same printer here. I had tremendous problems getting it to print from XP on the LAN. The 100 MB printer package from Lexmark is pretty much useless. Even before XP was deep-sixed by MS, my reliable way to print anything was to take the job on a USB stick from the computer which is 3 feet from the printer, move it to a Win 7 machine 30 feet away, print (wirelessly on the LAN), then go fetch. I suppose it's OT to note that I had better networking under Win95 than I have currently under Windows.

Days are numbered for the Czech Republic

GrapeBunch

In the old days

the international name of a country might be based upon its name in French. For example, Netherlands = Low Countries = Pays-Bas. See where I'm going? Then your Paycheck is in the Mali !

Oh well, countries are bound to be a joke, or almost one, in some other language. For example, if you tried to take a derivation for Canada in Spanish, the closest you could get would be Aca Nada = Nothing There. Perhaps that's what inspired the "Quelques arpents de neige" remark. Or perhaps the other way around.

It seems to me that, because Chechnya, and because it's still early days in the monde post- Czech Republic, that English-speakers choose Czechland. If other languages go different ways, no big deal. After all, Németországi Szövetségi Köztársaság is still with us, even though its name is dissimilar in so many languages.

Double KO! Capcom's Street Fighter V installs hidden rootkit on PCs

GrapeBunch

Re: Why the double standard here?

IANAL BIPOOTI, but intent. Admittedly intent also looks double-standardly if examined. Company putting code on your computer to harvest your private data: OK; you putting code on their computer to research their private data: crime. You accepted their software, albeit presented under pretences. They accepted your phishing email. Hmm, not much difference! Here the intent was to prevent misuse of the company's IP. But isn't there a caption for criminal negligence, reckless behaviour?

Too serious. Time for a singsong. After me, please:

"Fake fake fake

fake fake fake

fake BIPOOTI" (to the tune of "Shake Your Booty", for anyone under 50).

FBI overpaid $999,900 to crack San Bernardino iPhone 5c password

GrapeBunch

Re: @Voland ...You are missing the point

'they paid the $$$ because the potential value found on the phone was worth more.'

We need an acronym for that. May I suggest SWSSNSS

Sure wuz some 'spensive naked sleb shots

being what we dream they found-but-will-never-tell-us.

That's pronounced 'Swiss Niss'.

GrapeBunch

Re: Only $100? That explains his name

I was going to say his name means quickly blessed Skoro - quick; bogat - blessed, handsome; ov - of. I guess it's a question of perspective.

GrapeBunch

Re: Fragile evidence...

----- ... but I play one on the Internet

trivial change to "but I play one on TV" -----

That trivial change is worth almost a million bux. HIHWW.

Hyperbole Is How the World Works, y'all.

You call it 'hacking.' I call it 'investigation'

GrapeBunch

Ha ha. In long ago more innocent days, I got a call from an HSBC rep who suggested a better pigeon hole (still within HSBC of course) for some dosh. After a lot of discussion (she needed to convince me!), I agreed. Then she asked for whatever the security was at the time. "But you called me!" So the call and discussion turned out to be pointless. Hmm, maybe HSBC could corporately sponsor the TV quiz game, Pointless.

ICANN latest: Will the internet be owned by Ted Cruz or Vladimir Putin in October?

GrapeBunch

How about a disinterested NGO that all governments love about equally?

Amnesty International. Then IANA might become IANAAI. Apologies to all in the AI community.

Gmail suffers worldwide wobbly Wednesday

GrapeBunch

None of the above.

E-mail is "broken" and "insecure", so cloud outages may not be a bad thing if they remind us that there may be better alternatives. If I phone or e-mail for help, usually what I'd rather be doing is secure web-chatting. For example. I prefer Ctrl-A, Ctrl-C, Ctrl-V to "Do you have a pen and paper handy?"

French hackers selling hidden .22 calibre pen guns on secret forums

GrapeBunch

Le savon de ma tante est sur la table.

So many strange new things that one wonders what to make of, then an exposé, c'est cool, and it all makes sense.

Page: