Re: "Intel classified our attack as a 'traditional side channel'
more right than any other perspective, for sure. "Bottom Line" drives _EVERYTHING_.
10819 publicly visible posts • joined 1 May 2015
From the article: a social engineering attack that convinced registrar Network Solutions to alter the domain's records without valid authorization.
Network Solutions - they're pretty much the OLDEST one out there, as i recall. Used to be 'internic'. I set up a domain with them in 1995. Still registered there, too. I was under the impression they had safety procedures in place to PREVENT this kind of thing.
Apparently they need to review their internal procedures...
dogs have "breeds", and yet they're all dogs.
I suspect Neanderthal vs Human is more like that, rather than a separate species. This is more or less proved by the apparent evidence that Neanderthals and humans had viable offspring who then passed along genes from both.
[usually separate species can't mate very well, though donkey+horse = mule, and mules are normally sterile]
In any case, the similar hearing fits the concept that Neanderthal is just a "breed" of human.
my anti-tracker method is a lot easier on my end.
* assume that browser history and stored cookies are a huge part of the problem
* For "those" sites, run a browser without 'noscript' in a different security context, such as a different login entirely (i use DISPLAY=localhost:0.0 or similar and authorize via "xhost +localhost" - make sure X server runs with -listen_tcp or similar for this to work).
* The separate login's browser settings either delete history on exit, or you have a script (needed for Chrome) that deletes everything that's persistent.
* close all browser instances for that login and erase history between web sites.
Normally when I find these sites I have nothing to do with them. But occasionally an online store or even gummint resource (Cali-forn-you is bad about this) will have a CAPTCHA or some other scripty thing you can't avoid using. So I run it from "that" browser. Firefox has a setting to erase all history on exit, and that is helpful.
This as an alternative to "temporarily allow all for the current tab"
(understandably clever trackers can track you without cookies, and then put 2 and 2 together to associate that web page with everything about you, from your real name and e-mail and cell phone number, to personal data you entered for a social media account like age, sex, likes/dislikes, education and work history, and so on, and then SELL IT or use it to target ads, etc.)
The company says users can opt out if they want.
Read: "It's in there somewhere, just search if you really want it"
or "Most users won't care anyway so it doesn't matter if YOU shut it off"
or "Good luck figuring out which magic buttons to press, Muahahahaha!"
or something else that's equally arrogant and/or condescending.
Tracking should be OPT IN or NOTHING. no exceptions.
If I want updates, I'll update when I'm good and ready.
That sounds like INDIVIDUAL LIBERTY to me.
Since when has a toy maker tried to stop children from playing with the toys that they make in ways that they don't like? Yeah, it's kinda like that, isn't it?
VxWorks is an RTOS, and that's probably why it's used for things that work better with an RTOS.
I used to compile images for Vx and Linux back in the day, wifi access points specifically. Vx had a much smaller footprint but of course required license fees etc.. One day the manager said "Fit it in 2M flash and we'll use Linux." We made it work.
post links to USENET and who's gonna stop you? Who's gonna TAX you?
As expected, pretty much everyone will AVOID the tax, or ignore paying it even when required.
wait until news links aren't posted any more. You could post something like this:
A link to "The Register" online site for an article titled "whatever" - then a simple google search... no, wait. [could they tax Google as well???]
while the Alauda gang, who 'built' this chunk of junk just come across as a bunch of incompetent fuckwits.
When you invent something, and want to show it off to the public, don't make the kinds of mistakes that Tesla did, on occasion. Mad science is cool, but doesn't play well with the public when things go horribly wrong.
It's probably best to hire a safety consultant (one that's familiar with that particular field) to come in and make sure you're following regulations and taking necessary precautions, before doing anything in public.
but yeah that's the difference between "mad science" and "industry". If you can do BOTH, like Elon Musk, then you're gonna do well if you can build the thing you're dreaming up (and it actually works and doesn't kill people or break things unintentionally). But if all of the lights are going to go out for 3 counties in all directions, or airplanes might crash, nobody out there wants to be told "RUN!". Best to avoid that, yeah.
[I've got these ideas about nuclear fusion that I'd like to try. It wouldn't be all that hard, nor even expensive, to collect enough parts and build it. Problem is radiation, neighbors' safety, and stuff like that. So I haven't]
it should be fairly easy to implement a gentle setdown if the signal is lost for a few seconds or so
Agreed. the on-board IMU [necessary for something like a quad rotor] would tell you when the thing is hovering, and then you simply have it drop at a known safe velocity.
From what i could tell, though, they were using an Arduino Nano (or a clone) and they only have about 32k of NVRAM. Maybe the nav stuff was on a separate Pi board but still, there's _not_ a lot of code space in an Arduino Nano and, well, results were what they were...
The photos of shoddy electronics workmanship didn't make it any better. It's not THAT hard to visually QA a circuit board, and things that fly should be getting extra scrutiny. When I was in the Navy I was an ET and even went to a special soldering school where we learned to solder to NASA spec. Burned insulation and improperly mounted components would have obviously failed the visual inspection. In fact the NASA spec took into consideration a number of things from thermal and mechanical stress on wiring and solder joints, to use of a 'conformal coating' to seal it all up. As I understand it, current NASA specs also mandate leaded solder, due to unleaded solder always looking like a 'cold joint', and to help mitigate the threat of 'whiskering'.
Panspermia is interesting, but I think the more likely case is that [like planets around stars] it is more plentiful in the universe than not. Life exists on earth in even the most hostile places, "finds a way" to continue existing. Perhaps the rest of the universe is the same way...
atmospheric loss due to the solar wind would not have occurred until this field collapsed
Yes, this is the theory (along with a solid or nearly solid core which would lack the magma activity needed to generate a magnetic field from planetary rotation, etc.) along with other theories including the magnetic field generation theory.
Some direct proof of the above would be nice. Maybe on a later mission? The magnetic field could be measured with your standard 9 axis IMU. Just sayin'.
Until then, the Mars meteorites discovered over a decade ago [as I recall] had some evidence of structures that COULD have been caused by bacteria, and that the rocks themselves were supposed to have originated on Mars. So, "some evidence" is already there. Proof time!
Maybe the helicopter can spot something better than on-ground cameras that would be worthy of the rover to analyze to a greater extent. Not sure exactly what they'd be looking for in that realm, but I kinda like the ancient lake bed approach so I think they've got a much better chance of finding that important conclusive evidence than on ANY other previous mission.
you really do mean to deny anthropogenic climate change
_I_ most certainly deny it. With pride! And, I have science to back up my "denial". I presented some of it in an earlier post...
I believe that it is extremely important to "deny" the things that are just NOT true, and then wear it as a badge of honor, even in DEFIANCE, if people want to use "denial" as some kind of pejorative.
Don't forget: science is not about CONSENSUS - it is about THEORY and EXPERIMENTS and PROOF.
I think it’s fair to say that nearly every reader of this august website has an absurdly high carbon footprint, and we all need to work hard to reduce it
From the article: There are 51 billion tons of greenhouse gasses emitted annually
A few facts to ponder, which I'm sure many will "mind"
* earth is heated by the sun in the day, and cools by "black body radiation" at night
* the method of cooling involves the IR spectrum, in which most of the energy will be in a limited frequency range that is related to the temperature of the black body
* a greenhouse gas (like water) will "act like blanket" and prevent IR radiation from leaving the atmosphere by absorbing it. This heats the atmosphere, and indirectly, warms the planet
* CO2 is practically TRANSPARENT to IR energies corresponding to ACTUAL temperatures found on earth, i.e. those between -50F and about 140F. TRANSPARENT. Like glass. NEARLY ZERO EFFECT.
* CO2 is about 0.04% of the atmosphere, and is at equilibrium due to the planetary hydro cycle (i.e. rain and evaporation - CO2 is very hydrophilic, and will attach to water in the atmosphere).
* Water, on the other hand, can be well over 1% of the atmosphere on very humid days. Not only is there a lot MORE of it, it's FAR more effective at being a greenhouse gas.
In short, CO2 can NOT act like "a greenhouse gas" on earth, (not of any significance) given the temperatures you normally find on the planet. On Venus, sure, but it's mostly sulfur compounds doing it there. And on Mars, there's not enough of it.
WATER, however, is a HUGE greenhouse gas on earth, maybe over 100 times as effective as CO2 could possibly be.
And yet, I see NOBODY trying to control WATER...
I wonder why THAT is?
they are unequipped to handle coal frozen together.
Prison chain gangs with sledge hammers oughta do it...
At least coal and oil and gas plants will have higher efficiency (see Carnot efficiency and 2nd law of thermodynamics) once up and running.
What I'd like to know: where did all the NUKE plants go???
From the article: without the major new features
Read: without the FEATURE CREEP
Small, stable, incremental change is a *Good* thing for an OS
A qualified "agreed" except that you want to avoid the _kinds_ of feature creep that slowly shows up, such as some of the things in XP that broke stuff in SP2 (for example). I remember a few things, specifically, including the ability to (easily) create raw packets for IP.
But it's a welcome change, for sure for Micros~1 to (for a second time) release updates that don't "change the universe" according to someone's "feel".
right, but if a non-CCP-controlled nation blocks THEM, it's "endless lawsuits" dragging it on until a "friendly administration" just "pauses" (read: buries) the whole matter. Puppet strings notwithstanding.
The CCP has WAY too much influence/control over the things we're doing, from suddenly (and without warning) LIMITING PPE EXPORTS during a pandemic, to routing the usual privacy-violating things (that people are willing to agree to, go fig) through servers in CHINA. And they're not friendly, no matter how wide the Stepford Smile. Look what they do to their OWN people...
I for one will NOT be subjugated to anything resembling a "Social Credit Score" derived from CCP spy data. Or Google spy data, for that matter. But Google is a U.S. company, and may have trouble getting past those "stupid laws" whereas the CCP would NOT.
something worth considering, the RELAXATION of environmental and other (similar) restrictions, which is always a MAJOR impediment to new construction of things _LIKE_ FAB plants. It's cheaper to off-shore your pollution, yeah.
I do not know if 'Benedict' (Biden) would actually DO this, but I might have to give him a "slow clap" if he does something MAGA-worthy.
they're just not capable of particularly high thrust. Not yet
Ack. I'd say the most efficient 'impulse' type of engine would be
* fusion reactor
* super-heated liquid/gas expelled at high velocity
* maximum impulse per gram of propellant
If the propellant is hydrogenous, it can also be "fusion fuel" even if only a small percentage (i.e. deuterium and tritium) are being used for that part of the engine's output.
Then you just need a LOT of it. Since hydrogenous material (methane, water, ammonia) is available on just about every planet in our solar system, in high abundance, shouldn't be a problem if you can make a big enough tank to hold it all.
* NOTE: to prevent melting engines, you inject raw fuel along the inside surface of the engine. The laminar boundary layer will allow turbulent flow, while protecting the layer itself, which will then evaporate and effectively cool the engine housing. Then you can have exhaust temps way above the melting point of the materials it's made of. Multiple injection points for 'raw fuel' will make sure that the engines run continuously without melting.
eh, fire up the "Jupiter 2" - let's colonize Alpha Centauri!
You don't have to go C to get there... just 1/2C will do. ~10-12 year trip, accelerate to 1/2C, coast, decelerate. It's been a Sci Fi staple since the 1950's I think...
Lots of water or methane or some other abundant material, a fusion reactor, and one big ass rocket engine that uses all that. Fusion energy would accelerate liquid to a point where you get peak impulse with minimal mass. CAN be done, but you need to accelerate to 1/2C over several months, then coast, then slow down again just before you arrive.
The hard part will be radio communications. Maybe this is where some kind of quantum resonance communication system would come in handy.
it's way, way, way too complex for that purpose
ack - gimp does things no other graphics application seems to be able to do easily. However, they are things that you kinda have to be familiar with gimp to use properly. Example, paste a 2D image into a 3 dimensional perspective slot, such as "faking" a monitor screen for a meme...
worth pointing out, the screen shots for the desktop look Mac-like and have at least a 3D appearance, and not the 2D FLATTY FLATSO McFLATFACE every OTHER "modern" desktop is trying to clone...
"Minimalistic" can still look nice.
Because ThoseInCharge want to show their friends pretty real-time graphs on their iFads.
'iFads' - heh.
Though a proper design would only allow remote control if you passed through multiple firewalls through multiple air-gapped [except for that one firewall] systems. I hope this is a wakeup call for SCADA in general.
Here's what might work, for emergencies:
a) ssh into a jail running on a FreeBSD box that's attached to teh intarwebs
b) ssh from that jail into the host box, which has access to the private network
c) ssh (via the private network) into another box that is multi-homed (but does not route) into the nearly air-gapped network
d) ssh into a box on the nearly-air-gapped network that has a command line interface (to perform somewhat cryptic commands using a custom interface) so you can "fix things" remotely.
A bit cumbersome, but for emergency use only. So, in this example, 4 ssh logins are required to get through, the first being a jailed system (FreeBSD jails have completely separate security contexts, and limit what root can do). Sane IT people would make the logins and pass phrases all different.
And so on.
(but anything significantly less secure than that, BAD idea)
The problem, at any rate, is NOT the pretty charts for "iFad"s. The problem is allowing COMMAND AND CONTROL via the same interface you use for the pretty charts.
good point. You're supposed to be able to control access to location info for applications, last I checked, but how many people do NOT click "enable" for it when prompted?
Or... go through the list of pre-installs and DISABLE it
Is there a "master disable" settings feature yet? That should be in there, too - disable "whatever" for ALL applications no matter how loudly they whine [as an example] and, better still, feed them bogus data so they don't break. Well, I can wish, can't I?
my initial reaction was that the "micro-aggressions" might have been the fault of the recipient by "interpreting them that way". This whole idea of "micro-aggressions" and "triggering" nauseates me to no end. Unfortunately there isn't a "Vomit" icon...
Also, deep pocket lawsuits are (unfortunately) a possible motive for possible false allegations by disgruntled employees.
I thought we were calling them "Micros~1" these days...
What's nice about open source is that if you do not like what they did to it, you are welcome to fix it or contribute a patch to make "whatever that was before" an option so that you can have it back if you want it. A properly managed project would accept "an option to have it back" as a patch and integrate it so as to NOT anger a lot of existing users that agree that "change is NOT always for the better" and want their old "whatever" back. Or it will fork. Like Mate. Like Devuan.
(My mate desktops running on Devuan systems and FreeBSD look like an old Gnome 2 setup from a decade ago and it makes me very very happy that I _STILL_ have a 3D Skeuomorphic classic desktop)
github has been moderately stable except recently when they broke the appearance of tags [text now always black unless you have a bleeding edge browser version] and apparently aren't going to fix it so that it's compatible again...
you made me consider what fruit equivalents we could use for Micros~1 and for Google since "Apple" is already taken...
I guess Micros~1 is a banana and Google is a pineapple. Or maybe the other way around. Ouch.
I have yet to purchase a chromebook but the potential of 'just putting linux on it' makes it a worth-while gamble, as long as the screen is big enough. Or maybe, like an inexpensive 'droid slab (i have one 'o those), it becomes "fit for purpose" when used as intended. After reading stuff here, that last part is probably most correct.
/me needs coffee now
Being "Intar-web Street-Wise" is *THE* solution.
"A sucker born every minute" - and twice as likely on-line.
Here's what _I_ think: Question _EVERYTHING_, especially when EVERYONE *APPEARS* TO BE SAYING THE SAME THING...
The only protection, for you, from "Teh Intarwebs", is YOUR BRAIN.
(but of course, THIS assumes that INDiVIDUALS are personally responsible for their OWN lives, and lacks an elitist point of view that "the elites" should be "making it safe" for "the prols" because they're not smart enough to do it for themselves)
blocking script is the only way to be "safe". Unfortunately a lot of sites break when you do this. Although I can avoid them 99% of the time, I still have a "special login" that runs without noscript, for those times when I have to cave to their nonsense.
Hint to El Reg: Script is why ads should be showing up on my browser, but they don't. You could fix that, and ALSO show the world that you do NOT need script in ads. Win-Win
I wonder if Google's bureaucratically minded approach was already being used for the browser's updates...
If so, I'll LAUGH EVEN HARDER!
Though maybe the _REAL_ problem is the way web browsers have diverted from displaying hypertext mixed with graphics and interactive links into a "mini-OS" of sorts, written in of all things, JavaScript.
maybe they'll bother to fix another memory bug I've observed (and others online have been reporting for YEARS), where [under certain conditions] if you leave a page open that frequently "phones home" and does a periodic query across the network (let's say updating status text, like a weather monitor), that in a particular use case the memory footprint will slowly increase until something crashes. It's been like this, since, forever I think.
I would be more sympathetic to their union if not for the fact that this union was, in part, started over objections to the 'Maven Project'. And though I agree with their dislike of a "real names" policy, it's usually the point of a union NOT to dictate corporate policies and contracts, but to protect rights of employees and in doing so provide needed services to the company they contract with.
So I have to agree with the idea - if you do not like working for Google, there are other employers. I know _I_ would not like working for Google. So I don't.
I'm not against unions, but I don't see an I.T. union being all that effective. if it were more of a guild, where it acts more like a standards setting organization and even provides employment "head hunter" services, it might make sense.
please let me know (with proof) what 'lies' you are referring to. Thank you.
Jeanine Pirro (one of the defendants in the lawsuit) used to be a judge. On her show she's known as "Judge Jeanine".
I would think that Jeanine Pirro would have a pretty good grasp of evidence, evidentiary rules, and so on with respect to what might be considered libel, slander, or "damaging". Many other hosts on Fox News are actual attorneys.
So far I haven't seen anything like "lies" that would result in any kind of "damage", and I watch Jeanine's show regularly.
And though I don't always watch the others named in the lawsuit, I haven't seen anything "damaging" from them, either.
Please keep in mind, THIS.
I expect to see more of the same in the near future. the thing about a court case is that actual EVIDENCE gets to be presented, and DISCOVERY gets to be demanded from the opposing party.
You don't need to verify the identity of the person who did the change when you can look at exactly what was changed.
Correct. And it's theoretically possible to grab a source tree based upon a specific commit, or a specific version, if you need to [for patches, at least].
What you do *NOT* need is "da bleeding edge newest feature-creep-laden" version, EVERY! SINGLE! TIME! you update.
What I see as the problem: Someone "not you" is deciding what version of code is being used by your application or operating system.
What I see as the fix: enable software authors and package maintainers to depend on installing older (or newer) versions of critical libraries if they want to, with forked security patches, as needed.
What needs to happen to make this work: either static link the binaries and manage them individually, or else use something similar to a "container" or "run environment" to be installed with specific package versions assigned to critical (or otherwise incompatible) packages. Ubuntu may already have "a mechanism" for this....
Just because a shared lib exists on the OS does not necessarily mean you MUST depend on it. Your critical package dependency tree could easily depend on versions that have been PROPERLY VETTED, and maintain security patches on.
To some extent, an LTS release will do this. By fixing code versions in stone, and ONLY patching vulnerabilities, you generally are NOT introducing NEW ones. Prior to a Linux release that's LTS, responsible package maintainers would vet all of these things (and prevent breakage).
Long ago I realized that you can NOT rely on shared libraries being updated to NOT break YOUR application, especially if you ship binaries. To some extent Linux handles this by versioning the names of the shared libs, but this does NOT correctly patch security vulnerabilities if you update ONLY THE NEWER VERSION of that shared lib. This patchwork "must be a shared lib" approach is flawed in this way. As I see it, for any critical application, you either include your own libs in the build process and link them statically (or dynamically with unique-to-your-application names), or you use specific LTS versions of the libraries as dependencies for your shipped binaries, thus ensuring that security patches (and not "FEATURE CREEP") are the only things done to them.
Things broke HORRIBLY WRONG when everyone "suddenly decided" it was necessary to maintain bleeding edge "feature creep laden" versions of EVERYTHING, and to CONSTANTLY HAVE A MOVING TARGET, in lieu of "stable, well tested, rarely changes except to fix serious problems" .
Change and re-inventing the world, because, "new, shiny" - SO HIGHLY OVERRATED!!!
Has anyone done ANY meaningful benchmarks?
I did some study on entanglement a while back and it seems that what you need is hardware that can produce pairs of electrons or photons, as a single Qbit, a particle pair that is entangled (the 'opposite ends of the superconductor' method might be the best one yet) , and then somehow you leverage this entanglement to do computing tasks for as long as the Qbit can remain stable (which, apparently, is NOT very long).
But if you use simulation software to create a simulated QBit, how is this ANY better than just doing normal maths??
Nothing I have read so far EVER goes into specifics on how to make this work. Maybe it's time to grab that QDK and see how it can actually be used. I'm sure SOMEONE must have SOME kind of sample code out there, even if it's only doing some mundane chaos calculation like "sun spots".
A practical example is needed...
nice use of the joke icon to make a point. I wholeheartedly agree!
/me points out that since that "few million lines of code" is relatively STABLE and WELL TESTED by time, there's really no need to play the "Arthur C. Clarke's 'Superiority'" gambit only to end up the loser and ALSO not knowing how it happened...
The one thing that I found that C++ helped a lot with (in windows coding) was the ability to manage GDI handles automatically, freeing them when no longer needed. This also assumes that you're not abusing exception handling and that object unwinding functions properly if you do.
Otherwise, my C++ code nearly always looks a LOT like C code. Personally, I think it becomes more maintainable that way. Properly designed templates and operator overloads can help, too.
(but if your C++ code throws exceptions and requires try/catch everywhere, you're doing it wrong)
One thing that I believe Micros~1 got mostly right is the COM object for OLE 2.0 . It kinda demands C++ and, by design, helps to prevent memory leakage and similar things. You could make _THAT_ a qualified "citation" for mitigating SOME of the things that shared objects and object lifetime issues might otherwise cause.
according to the TIOBE index, C is WAY out ahead in popularity at ~17.4%, Java is just shy of 12%, followed by Python at ~11.2% and C++ at ~7.6%.
Rust is pathetically in 26th place at 0.61%. Even assembly language is doing much better than Rust, in 11th place at 1.64%.
(note these are still January numbers and so it might change around a bit when Feb numbers come out)
Anyone who bitches about writing code in C should provide a link to the operating system alternative, since I can't find it in my version of Google.
heh. so true.
there've been plenty of "code smell" and "code pattern" web pages (or even dead tree manuals) written regarding the *kinds* of things that get you into trouble with C coding, like best practices and things to avoid. I would think that reviewing and understanding the more sane and concise ones might be "step 1" in contributing to any public project _like_ gpg, OpenSSL, etc..
(And if that's not good enough, a clue-by-four and/or cat-5-o-nine-tails)
poorly written/reviewed C code, you mean.
last I checked, compiler warnings in llvm should spot a lot of buffer-size-related issues. It's not perfect but apparently will spot many things. As a test, I called 'strncpy' with a buffer that is too small for the size I specified in the 3rd argument, and got this warning: "warning: 'strncpy' size argument is too large; destination buffer has size 16, but size argument is 32 [-Wfortify-source]". But using 'strcpy' with a string that was too long in the 2nd argument gave NO warning.
Suffice it to say that the big problem here is "NOT using" code that checks buffer size, and hopefully if you DO use code that checks buffer size, that code warnings are paid attention to if you accidentally get it wrong.
And, of course, best practices and peer review to go with it.
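An added example, not written by the poster above and not taken from any project mentioned: the post's test used a 16-byte destination with a size argument of 32, and its `strcpy` case produced no compile-time warning, so this sketch checks at run time that the source fits and takes the size from the destination array itself. The names `copy_checked`, `COPY_TO_ARRAY` and `try_copy16` and the sample strings are made up for this example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Result codes (names are this example's own, not from any library). */
enum { COPY_TOO_LONG = -1, COPY_BAD_ARG = -2 };

/*
 * Copy src into dst only if it fits, terminator included.
 * Returns the number of characters copied (>= 0) or a negative code.
 * On COPY_TOO_LONG dst is left as an empty string, never a truncated
 * or unterminated one (the state strncpy can leave behind).
 */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || src == NULL || dst_size == 0 || dst_size > INT_MAX)
        return COPY_BAD_ARG;

    /* Scan at most dst_size bytes of src, so an oversized source is
       rejected without walking all of it. */
    for (len = 0; len < dst_size && src[len] != '\0'; len++)
        ;
    if (len == dst_size) {          /* no room left for the terminator */
        dst[0] = '\0';
        return COPY_TOO_LONG;
    }
    memcpy(dst, src, len + 1);      /* len + 1 <= dst_size here */
    return (int)len;
}

/*
 * Derive the size from the destination array, so the size argument
 * cannot disagree with the buffer as it did in the post's strncpy test.
 * Only valid for true arrays: on a pointer, sizeof gives the pointer size.
 */
#define COPY_TO_ARRAY(dst, src) copy_checked((dst), sizeof(dst), (src))

/* Copy into a 16-byte buffer, the destination size quoted in the post. */
int try_copy16(const char *src)
{
    char buf[16];
    return COPY_TO_ARRAY(buf, src);
}

int main(void)
{
    /* Constructed sample inputs: 5, 15 and 16 characters long. */
    const char *samples[] = {
        "short", "123456789012345", "1234567890123456"
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s -> %d\n", samples[i], try_copy16(samples[i]));
    return 0;
}
```

The 16-character input is the boundary case: it has no room for the terminator in a 16-byte buffer, so it is rejected rather than copied.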
the West does not have a monopoly on smart scientists and researchers
this may be true, but because of the CCP (and things like "social credit score"), it is my impression+opinion that engineers in China tend to defend higher ups or "status quo", even when blatantly wrong, in lieu of taking an initiative and getting things done. It is my opinion that they are fearing for their jobs. Were it not for an NDA I could describe a situation in more detail where an OEM product started to fail after they made an unannounced design change at the factory in China. I assisted in troubleshooting the root cause, and proposed a solution that was a compromise between the old and new designs (it worked perfectly when tested, and many units were retrofitted with the fix). The solution was basically rejected (keep in mind it took the form of a customer request), with no real reason provided, almost like a denial that the problem even existed. Much later the engineers in China made a "fix" that was, in short, like "using a bigger hammer".