Re: I've been called a dick once or twice
and _I_ invented inventing claims of inventing. send ME even MORE money!
10282 publicly visible posts • joined 1 May 2015
yes. the date. excellent point!
And there was this CDC 'Cyber' system in use by the state of california university system, which had, *cough*, e-mail on it. and there was this guy in 1978 at SJSU who had written an e-mail system for the on-campus timesharing minicomputer (running RSTS/E on a PDP-11/70). His name wasn't "that guy" either.
There was also another guy, an associate prof, who accessed ARPANET e-mail over a phone connection.
So yeah, I call B.S. on that idiot's "invented" claims of inventing e-mail in the _LATE_ 70's. RFC's 821 and 822 notwithstanding, of course.
"The only real solution is, well, planned obsolescence."
yeah we'll have your web-capable self-driving car just STOP WORKING one day. Fun.
Seriously, though, I proposed 2 possible solutions that would actually WORK, both of them involving ssh. Phone applications would be forced to tunnel into your private address space to access IoT devices. Anything with a publically-facing IP could (in theory) ssh tunnel into a 3rd party "connection" service for similar tunneling capability, in case it has a dynamically assigned IP.
maybe I could experiment with this. I got a couple of arduinos, some sensors, and a couple of WiFly shields banging around... set up a very private LAN for those things, etc.. Write a 'droid application to tunnel through and use TCP/IP through the tunnel to access the devices, for proof of concept. Yeah, might work!
the real solution is a lot more obvious: don't expose them to the public intarwebs without a secure shell of some kind that uses an actual LOGIN...
best way to handle that is an ssh tunnel capability in your firewall. that would mean running sshd on every firewall system out there (quite possibly on a fixed IPv4 address, or an IPv6 address), with PROPER security even, and allowing ONLY properly credentialed users to secure-tunnel into your network to access the devices (say 'phone application with an assigned ssh cert'). THEN all of the IOT devices won't use UPnP to tunnel past the firewall and listen on the intarwebs, or even use publically viewable IPv6 addresses for the same purpose, but would INSTEAD listen on a private LAN IP [and/or non-public IPv6]. The sshd login would then become the 'single point of failure' so the firewall makers would have to goad people into setting it up PROPERLY, then SHUT! OFF! THAT! HIDEOUS! SECURITY! CRATER! known as 'UPnP support on the router'.
/me notes my FreeBSD computer serves as firewall, router, IPv6 tunnel, web server, and sshd for remote access, on a fixed IP, with a 'godaddy registered' name server running, and a few other things. Ok most people don't want this, but if EVERYBODY HAD TO DO THIS to get IoT to work right, it would be a HELL of a lot more secure!
the alternative would be a cloud-based "solution" involving a) a 3rd party sshd-based cloudy server, b) connect to it from your network directly using a daemon/service/whatever to connect your LAN to the service, and c) tunnel through that connection from the 3rd party sshd, through that daemon/service/whatever [which could JUST be ssh invoked with the proper parameters], so that the connection works on both ends.
Anyway, IoT devices using such a service would be as secure as the ssh config. But at least it would become a stumbling block to scanning the ENTIRE address space looking for poorly configured TELNET on IoT devices...
"When the initial retail Windows 95 came out it did not connect to the internet* but instead only connected to the original MSN, a private network for Win95 only."
not entirely true. The 'plus pack' had Intarweb Exploiter in it, and I think it was a free download if you subscribed to MSN at that time, which ALSO installed a *real* WINSOCK connection to the intarwebs. I forget the details since I beta tested MSN before '95 was released, as well as '95 itself [and the plus pack - Hover was a pretty cool game] so I snarfed up a really cool MSN login/e-mail name with no suffix numbers [the only reason I keep sending them $4.95 per month, to keep it; that, and the 'emergency' dial-in access for those times that I've needed it].
Ah yes, the days when the number of search engines were few, and many of them were manually edited for appropriate links and content, and Mirsky's "Worst of the Web". And no F'ing JAVASCRIPT.
But seriously, '95 came WITH dial-up internet access if you subscribed to MSN. Out of the box. CompuServe didn't have that for another year or so.
you had me up to the iOS comment. no up nor down now.
I think Android Studio is about as good as Micro-shaft's developer studio, and it has MANY of the same *kinds* of irritations and quirks that you have to learn to work around.
Since I'm privately working on my OWN cross-platform IDE with an appropriate C-language compatible toolkit, I _can_criticize. Unfortunately I lack time+funds to complete it in a short period of time. Interestingly the VACUUM for a decent IDE is still THERE.
Some of the worst aspects of Micro-shaft's development IDE are present in Android Studio, starting with the cumbersome nature of 'Auto Complete', the "hands off the keyboard" properties "thing" in the screen editor, and [worst yet] the *HIDEOUS* behavior of said screen editor when you make even the *TINIEST* of changes, and watch your entire screen RE-ARRANGE on you in the most HORRIBLE fashion. It's caused me to SCREAM PROFANITIES.
Then there's the automatic code formatting. K&R style? REALLY? How about a *SINGLE BUTTON* to change it to ALLMAN STYLE for THE REST OF US, and *THEN* *KEEP* *THE* *STYLE* *SETTINGS* *INTACT* if you zip/tarball the project and copy it to a DIFFERENT COMPUTER (like multiple people working on it, via e-mail or something) ???
It takes *WAY* *TOO* *MUCH* *DAMN* *TIME* to set up for Allman style. You have to change SO many things in SO many places. And how can you turn it *OFF*? Maybe there's a way, but it's SO hard to find things like that, it's almost worth "just changing all of those OTHER things".
So I wouldn't call it "light years ahead", but it DOES have a number of useful features, and from within a Linux VM, CAN! BE! SET! UP! TO! RUN! ON! THE! HOST! DISPLAY!!!
Yes. I do occasional 'droid development in a Linux VM, with the USB device forwarded [virtualbox], on a FreeBSD host. the latest 64-bit Mint does pretty well for that.
/vent complete, hence the mushroom cloud
crimes are crimes. NOBODY is above the law. A local congress-dude, Randy Cunningham, war hero and conservative Republican, was taking bribes in various forms, and went to jail for it. No sympathy. Even though he was a good guy MOST of the time, he broke the damn law, and deserved the punishment. Sad, though. I'd say the same for Powell (if he's guilty of something) or anyone else that gets convicted of things LIKE mishandling classified information, for having a separate e-mail address in violation of national security laws (etc.).
The question on Powell is whether or not classified information was involved. He might be fined and given probation for a simple "oh crap" violation, particularly if it was negligent. If classified info was put at risk [as was apparently the case for Mrs. Clinton], and ESPECIALLY if people died because of it (like in the Ben Ghazi incident, where classified details of that situation may have been in e-mails on Mrs. Clinton's server, and may also have been downloaded by foreign enemies, and investigation SHOULD be done to determine whether or not this is the case), in such a situation where people may DIE because of leaked classified information, Mrs. Clinton most DEFINITELY deserves JAIL TIME.
" one classified (or more sensitive) email is 1 too many."
I agree, and shall expand:
"For official use only" - can compromise military readiness or policies that take away advantage or put the country at a disadvantage in any kind of war or conflict. Example, the press shows up at a beach landing of U.S. marines, and gets in the way. Yes, this has happened.
"Confidential" - is likely to compromise military readiness, or take away advantages, etc. example, significant improvements in foreign anti-submarine warfare and submarine technology suddenly "happening" due to the activities of 'the Walkers' back in the 80's...
"Secret" - is likely to comprise agents or soldiers in the field, possibly getting them killed. No example, though I can think of a few. Best not to go there.
"Top Secret" - serious harm to defense, lots of people killed, and so forth. A 'top secret' thing might be a device that allows a ship, plane, or platoon of soldiers to be undetectable, or a new type of weapon that could easily end (or prevent) a war. Even knowledge of its existence would be a serious problem. The manhattan project is probably the best example of this.
(when referring to such a secret, in a conversation to those to whom such a secret has been disclosed, it is not uncommon to use a generic term, like "the device" or "the gadget" or similar, NOT even using the real name that both parties are fully aware of, to avoid disclosure)
Mrs. Clinton was authorized for Top Secret (and possibly 'eyes only') information. And when I was in the military, you didn't get this, even if you had clearance, unless you had "need to know". It's treated VERY seriously, for obvious reasons. If ANY of that information went onto her non-government insecure e-mail server, which she OBVIOUSLY kept for DISHONORABLE purposes (i.e. HIDING things from 'freedom of information'), it was a CRIME.
"Whoever knowingly and willfully communicates"
using an insecure server to communicate this information, in violation of the law (which Mrs. Clinton DID do), would be sufficient. State Department employees were REQUIRED to use a government server for all of their communications, primarily because of the 'Freedom of Information' act, and also because of the classified nature of many of their communications.
For several high profile people (like General Petraeus), this was sufficient. But Mrs. Clinton is "above the law" in the eyes of the Obaka administration's justice department, and THAT is why it's 'at issue' right now.
https://en.wikipedia.org/wiki/David_Petraeus#Criminal_charges_and_probation
in short, UNAUTHORIZED REMOVAL AND RETENTION of classified material was what he plead guilty to. That _could_ be a) Mrs. Clinton's e-mail server, OR b) Huma's husband's laptop
either would be sufficient to qualify as 'removal and retention', and since it was NOT 'authorized', it becomes a punishable CRIME.
Petraeus essentially got a public 'noodle whipping' but that was about it. Probation and a big fat fine. Could have been a LOT worse.
Mrs. Clinton, on the other hand, gets lots of HOWLER MONKEY NOISE in her favor, and the willing media fanbois trying to OBFUSCATE it all, and make her President, in spite of it.
because, the CLINTONS are ABOVE the LAW. [and THIS is why they should be prosecuted to the FULLEST EXTENT, because they've been so ARROGANT about it for SO long!]
let's see if this is too far down the list of replies to get the dozens of howler-monkey downvotes...
"by sending this information only to Republicans."
that actually did NOT happen. All members of Con-Grab got "the memo".
interesting spin, though. The rumor mill has apparently altered a few facts in order to portray a political motive.
(like the downvote ratio I've been receiving for anything anti-Clinton or pro-Trump)
Didn't BREXIT get similar downvote ratios here? It's a good sign! Yeah, I thought BREXIT was a pretty good idea, said so a few times, gave some references to 'El Reg' articles that showed how the Brussels "overseers" had been slowly tightening the screws on UK, made some references to the US revolution in 1776, etc. and got plenty of "howler monkey" downvotes because of it.
[and the Cubs won the world series, too! imagine that!]
it's all 'signs of the times'. We'll see what happens on Tuesday. I am pretty optimistic.
"3) How are the accusations against Bill Clinton around sexual misbhaviour relevant to email retention?"
it's the COVERUP part that's important. Mrs. Clinton has a history of coverups. It seems to extend throughout her entire career.
"4) You should really provide a link to this supposed 'lost evidence' "
http://www.hannity.com/articles/election-493995/listen-rape-victim-speaks-out-about-15196170/
"Clinton’s defense team requested its own testing of the underwear, but it ended up being 'accidentally destroyed' by the 'independent' lab."
what's NOT told, in snopes, the ABC article I found, and a few other places, is WHEN the evidence was lost. They all admit it was lost. That's the basis of Mrs. Clinton's (then Miss Rodham) argument for getting the defendent off with an extremely light sentence. THAT and the polygraph, which anyone properly trained can defeat. examples, put thumbtacks in your shoes, and give yourself a dose of pain for EVERY true answer, and every lie that you want called "truth".
/me comments I don't need drugs. I'm just fine the way I am, howler monkeys and amateur shrinks notwithstanding.
what's TRULY important here isn't the volume of relevant e-mails, but rather the potential proof that OBSTRUCTION OF JUSTICE was happening from the Clint-stones, just like what happened in Watergate when Nixon tried to cover up the Watergate hotel break-in [regardless of how justifiable it was; McGovern was a closet COMMUNIST, and I bet Nixon wanted PROOF].
It was the COVERUP that took down Nixon.
COVERUP is nothing new to Mrs. Clinton. The shredding of 'White Water' documents back in the 90's - documents from the Rose Law firm that somehow ended up in the White House - in addition to her handling of the 'Bimbo Eruptions' [THEIR name for it], and a few other things I can't remember the details on at the moment. There has even been SOME evidence to suggest that evidence was DELIBERATELY TAMPERED WITH in Mrs. Clinton's first major law case, as 'Hillary Rodham', defending the rapist of a 12 year old girl, and getting him off with 'time served', because the rape evidence had become "lost" [while in HER custody].
It might not even require 32k e-mails (i.e. "the 5 percent") to make a difference here. All you need is just a handful that clearly demonstrate either Obstruction of Justice, or outright mishandling or illegal disclosure of classified information, to be enough for a conviction.
But yeah, 95% of the 650,000 is just about right. Investigators have been talking about the 30,000 or so "missing" e-mails for a while. Why _WERE_ they 'missing' ? Inquiring minds want to know!
if they did it RIGHT the FIRST time, i.e. NOT with lazy-ass inexperienced "millenial" children and offshore sweatshops doing all of their coding, and NOT using their customers as BETA TESTERS all the time, then MAYBE the bandwidth requirement wouldn't be SO LARGE in the FIRST place, right?
that, and the whole ".Not" runtime crap, and all of that "the METRO" and UWP crap to go with it. Just 'ew'.
Why aren't the PC-makers fighting back? Why do they INSIST on hitching their wagons to a "fallen star"? Don't they realize that Micro-shaft has given THEM the "digitus impudicus" with respect to ANY future profits? Micro-shaft doesn't give a rat's backside to Win-10-nic's overall effect on "the industry". In fact, you MIGHT say they're doing it ON PURPOSE so they can sell more 'Surface' boxen, except it's not really working very well.
If PC makers were to collectively GET BEHIND a nice big PUSH towards Linux, it would be like 1991 all over again, except MIGRATING TOWARDS LINUX instead of Windows.
and all of those 'content consumers' can STILL "consume their content" using Linux.
Or, BSD, for that matter...
"druidic ritual to add the speaker again before it will work properly"
Did it involve a CHICKEN?
Sorta like what we used to do, back in the day, at a company that made smart antennas for wifi access points. we called it "the flash dance" - hold the button, do the dance while updated firmware transfers onto the device...
" if you want a fair CPU power based charging model"
WHY _anyone_ would want a MICRO-SHAFT SERVER "operating system" is BEYOND ME.
That goes double with the availability of RHEL (if you need the support), and CentOS (if you can manage it yourself), not to mention every OTHER Linux distro out there that has a lot of support for 'Enterprise' things...
does RHEL do per-core / per-cpu / per-seat licensing like Micro-shaft? Just wondering, as to the best of my knowledge they do NOT.
Then again, I mentioned that CentOS is *free*
"I haven't forgotten ME. Nobody mentions ME. It is being erased from all family pictures as we speak and will, in time, be erased from all web pages as well."
windows [obliterated]
sorta like the way certain pharoahs had their cartouche 'obliterated' by successors. Windows [obliterated] was the bastard stepchild of '98, supposedly a steppingstone to XP. More of a stumbling block, or a very deep pothole.
Win-10-nic should be looked at the same way, the "stumbling block" or "very deep pothole" [instead of stepping stone] to MICROSOFT! DOMINANCE! UBER! ALLES!!!
Otherwise, *WHY* kill 7's presence in the market? It was *SELLING* !!!
"I hear this argument from people who have never experienced discrimination."
"Usually white guys, who are usually straight."
sorry, your ignorance is showing. there is REVERSE discrimination, too [usually in the name of 'affirmative action' or some OTHER 'policitally correct' position].
So I'd say EVERYBODY has been discriminated against, in one way or another. Taking a 'victim mentality' and claiming "white privilege" is just ignorant.
(from topic 'The whole mechanism sucks')
"The whole eco-system that hangs off the side of the authentication side of things is based on a false premise, and that's the sole single reason for this continuing to be a pain in the neck."
And the INTERNET TOLLBOOTH, aka "certification authorities", the cottage industry that sprang up in response to the "need", is now ENRICHED by this *kind* of "decision".
Are we ANY SAFER? what about FIREWALL APPLIANCES that (literally) do a 'man in the middle' and issue their OWN root certificates?
And, HOW is Google going to 'enforce' a site being UNTRUSTED???
And then there are the SMALL TIME (and private) web sites that can issue SELF-SIGNED certificates. Will they be automatically downloaded and installed if the user SAYS to do it? Or will they AUTOMATICALLY be BLOCKED now, because, Google?
And those cottage industries.. the TOLLBOOTH industry... pay the TOLL, or YOU cannot PLAY!
now I'll need a special plugin to BLOCK THAT SCHTUFF won't I?
hopefully 'NoScript' will be enough. I already disable web-java for the OBVIOUS reasons, along with the flash plugin, yotta yotta.
What the *HELL* kind of WACKY WEED are those idiots smoking in those W3C 'kumbayah' campfire (aka pass the douchie on the left hand side) sessions?
NO. we do NOT need downloadable content to INCLUDE full-blown compiled-language code. Javascript is bad enough. JAVA was bad enough, too. FLASH is even worse. Just *NO*, ok?
yeah, no danger in THAT reducing battle readiness. "what if the network was DESTROYED in a battle, and you managed to fix the runways, and got some weapons and ammo and fuel ready to go, and NOW you want to get your planes in the air?" nobody thought of THAT situation, now did they?
Sorta like having a, *cough*, OPERATING SYSTEM that must "phone home" periodically for it to continue operating.
Now, I'm thinking of Arthur C. Clarke's "Superiority" again...
"Why do they do this?"
The reason you do not understand why they do it, is because you do not have a criminal mindset. I think it ties in with GREED (among other things).
Criminally-minded people do criminal things to 'get rich quick' at everyone else's expense, without a care as to who is harmed in the process. Hard work, responsibility, etc. don't exist with these people. I've seen it before: they'll spend unlimited time thinking up scams or schemes, and won't spend 5 minutes looking for a real job. [my uncle, my friend's brother, some asshat I knew in college that had my name written in his 'book' so thanks for the interview with federal officers even though I repeatedly said "I don't want ANYTHING to do with"...]
Recently, some asshat was arrested because he used his REAL identity to rob banks and investment firms...
http://www.theregister.co.uk/2016/10/28/hacker_bank_arrest/
After stealing the initial $100k - he'd apparently gotten away with it - it motivated him to go for the $1.5 million, which THEN got the FBI's attention.
"we're very much non-US and send/return addresses and mail servers never quite line up."
I (a 'merkin) occasionally get UK-related spam as well...
The Comcast employee who used Comcast's e-mail database for spamming, though... that's pretty disturbing. I wonder how common it is for security breaches to happen "that way".
So, how does THIS compare to Intarweb Exploiter?
And, even more interesting: how many of those bugs COULD have been exploited?
This does make me consider whether stability would be better than "add new 'features' that we don't necessarily want". I certainly do NOT like the 'hamburger' menu nor any changes to the UI that don't look like 'a traditional menu, with property dialog boxes' [i.e. not those 'web based' 2D FLATSO property screens that look like Micro-shaft's operating systems], and so forth.
In any case, I like the cross-platform nature of Firefox the most, and the plethora of plugins 2nd most. [What I don't like is when that "cross platform" tries to MICROSHAFT my BSD/Linux]
Perhaps SLOW CHANGE [not change for the sake of change], focusing on GOOD CODING PRACTICES, is what Mozilla needs to work on instead. Then they can have an extremely stable, W3C compliant, non-irritating software package that's relatively bug-free, runs on all platforms, and isn't "2D FLATSO" nor "too feely" for the rest of us that are running the classic mouse+keyboard interface.
"Currently, five days notice will get us enough time to kiss our collective arses goodbye."
I prefer 'party like it's 1999' followed by standing at ground zero, watching the thing approach, and giving it a serious "digitus impudicus" with one hand, and with a bottle of tequila in the other...
"If you can't use/access it from your web browser, then you will have to download a native app for that."
so: PART of the fix is some _REAL_ security on the IoT device end, to _PREVENT_ unauthorized bluetooth-level access from an unauthorized client, PARTICULARLY a web browser running javascript exploit code downloaded from an infected embedded advertisement...
(or whatever)
seeing as I'm involved directly with TWO different bluetooth applications that run on android, and the device(s) that the android device controls, it's a major concern.
I can foresee unauthorized firmware loads happening... so THAT much has to be protected against.
"Both Twatter and What?App could easily be replaced by an IRC client that always connects to a certain domain."
EFNet is still pretty busy these days. lots of 'lurking' in the channels I'm in, however...
then there's USENET which has NO moderators. visit alt.hacker for some fun, as well as alt.os.linux.ubuntu and a few other linux-related newsgroups.
Yeah, WHO needs Tw[i,a]tter??
"It's wishy washy so that if it goes to trial, they can get their top lawyers to drag things out for years, which most people wouldn't be able to afford."
And with "some of the more recent" wikileaks 'reveals', it seems that these guys have been in bed with 'certain politicians' for a VERY! LONG! TIME! indeed...
yeah, no WONDER it's a fsck'd-up law, interpreted by the various gummint entities via whatever 'whim' they have at the moment... [read: whoever PAYS them the most money]
You have to wonder if the use of Lithium in so many devices, because it's a lightweight battery material with high electrical density, is in ANY way similar to the use of hydrogen gas in airships, because hydrogen is twice as bouyant as helium...
it might be time to re-investigate aluminum-based electrodes within a battery. It's something I read about in an El Reg article some time ago...
yes, lithium reacts with water to produce hydrogen gas. oh, my!
But once you deplete the Lithium enough, and sufficiently cool everything, it would go out.
Remember, when putting out fires, you use a WATER FOG and not a stream. This has a cooling effect as well as the blocking out of oxygen, breaking 2 legs of the fire triangle. Water fog can do a LOT, even on a class D fire. Just don't spray it on live electrical equipment that's connected to the power grid...
But yeah, 'pissing' on it with a water stream is probably going to make things worse. It's probably why they dragged it outside so that the REAL firemen could do a proper job on it.
2000 batteries in a Tesla?
The number of batteries is less important than the energy density. However, a Tesla is more likely to have human occupants and be involved in an involuntary distortion of the basic structure of the unit [i.e. a car crash], and thereby expose one of the 2000 lithium ion [bombs?] batteries into a potential source for an inadvertent catastrophic disassembly event [read: explosion].
High density batteries would reach a high temperature faster for the obvious reasons of less mass and more energy applied to it.
In any case, it's a fair bet that NASA batteries have the highest possible density since they are intended to be launched into space, and rocket fuel is expensive.
"And this waste of skin can breathe in and out too?"
never underestimate the plans of the criminally minded... who will go FAR out of their way to try and do what this idiot [allegedly] did, but wouldn't lift a finger to get a REAL job...
[I have to wonder whether this guy was ALSO 'on the dole' in addition to the criminal activity]
I still have to wonder as to whether use of REAL name/address etc. actually HELPED him get the initial $100k or so. There might've been some head-scratching over it, but apparently it wasn't scrutinized enough. Was the initial scrutiny something like "is this guy a REAL person? Well, nobody would be THAT stupid..."