* Posts by vir

349 publicly visible posts • joined 31 May 2016


What a good eye-dea: Battery-less, grain-of-sand-sized 2.4GHz transmitter to help save your eyesight


I believe it was surgically-implanted lenses over the entire eye socket and the extent of "augmented reality" was a clock in the FOV. But when 3MB RAM is a lot, you make do with what you have.

It’s happened again: AT&T sued for allegedly transferring victim's number to thieves in $1.9m cryptocoin heist


Re: 24E6 eggs in a flimsy basket

Ah Mr. tin 2, I see you've successfully entered your 36 digit PIN, matched four fingerprints, a retinal scan, a handprint scan, a voiceprint, a DNA test, an anal wrinkle scan, presented your unique USB token, confirmed the PIN sent to you over SMS, confirmed the PIN sent to you through email, confirmed the PIN sent to you on grindr, entered your grandmother's hairdresser's grandmother's neighbor's maiden name, confirmed your third grade teacher's anal wrinkle scan, identified several pictures of motorcycles, matched every street you and your family have lived on going back seven generations, identified which car models you've applied for financing on, found the four pieces of the ancient treasure map hidden in famous Mason landmarks on different continents, evaded the attack dogs, evaded the attack squirrels, verified that your heart weighs less than a feather, and completed an audio CAPTCHA. Here is the 0.006 BTC you requested to pay your cell phone bill.

Apple said to be removing charger, headphones from upcoming iPhone 12 series


Re: Gets my vote...

And let's not forget the horror of plugs hard-wired into weird voltage power supplies either. No luck pairing a cable with any old USB port, the charger was at 9.6 volts!

CEO of AI surveillance upstart Banjo walks the plank after white supremacist past sinks contracts


Re: "lunging at a man carrying a gun"

Pretty good troll: a solid 3/5


Re: Big Banjo

A black man jogging through a white neighborhood before lunging at a man carrying a gun which had been pointed at the floor in a non-threatening manner. FTFY.

If two guys follow you in a truck and one of them gets out with a shotgun, are you really going to tell me that you would not perceive that as threatening? The problem in this instance is that - all debate about the utility of citizens' arrest laws aside - the killers took it upon themselves to act wildly outside the scope of even the most lenient interpretation of the law. Despite your excessive victim-blaming and attempts to cast his murderers as the aggrieved party, extrajudicial killing has never been legal.

Famously flawed, it is 30 years since the Hubble Space Telescope was launched


Re: Invar

"I wonder if I can buy a small bar of Invar and do some science with the kids, say comparing it to the behaviour of a brass.. :-)"

McMaster-Carr sells a 1/8" diameter 6" long rod for $8. You can also get a same-size titanium rod for $3.

Cisco UCS servers slugged by 'This SSD will self-destruct in 40,000 hours' firmware farrago


Re: Obsolescence by design?

This is my biggest problem with Apple (I am the mostly-satisfied owner of iThings): by keeping things at a higher level of "abstraction", they overall save some headaches but cause a few really infuriating ones. For example with this battery issue (putting aside the lack of user replaceable battery, etc), the way they went about it was almost the worst possible choice. If they had come right out and said "your phone could unexpectedly shut down at low battery levels; we've introduced a new setting you can activate to incur a slight performance penalty to reduce the chances of an unplanned power-down", they could have avoided a lot of the user wrath.

RAND report finds that, like fusion power and Half Life 3, quantum computing is still 15 years away


Got Any Spare Change?

I'm flipping coins and making one-time-pads to sell off in 15 years for a mint.

OK brainiacs, we've got an IT cold case for you: Fatal disk errors on an Amiga 4000 with 600MB external SCSI unless the clock app is... just so


Reminds me of the magic/more magic switch story:


Reg fashion special: Top designer says 'video chat accessories' are in for spring!


And So It Begins

Anyone else reminded of the aside in Infinite Jest where David Foster Wallace describes the evolution of videotelephony through facial software enhancement, followed by physical masks of your own enhanced face, then of your whole body, then of your surroundings until a video call became "essentially a heavily doctored still-photograph, one of an incredibly fit and attractive and well-turned-out human being, someone who actually resembled you the caller only in such limited respects as like race and limb-number, the photo's face focused attentively in the direction of the videophonic camera from amid the sumptuous but not ostentatious appointments of the sort of room that best reflected the image of yourself you wanted to transmit".

Look ma, no Intel Management Engine, ish: Purism lifts lid on the Librem Mini, a privacy-focused micro PC


Re: 5V and 12V rails

"Just thinking about your question and I came up with: is it truly necessary?"

Agreed that physically killing the ethernet connection is equivalent. The other vectors probably aren't as important as that would mean that the attacker likely has physical access to the machine anyway. Though it would be interesting to see an exploit over Firewire or HDMI!


"I'm just amazed that they can somehow squash the Intel Management Engine seeing as thought that it was built into the CPU"

Kind of. It looks like they set the HAP bit and erase as much of the firmware as they can, but this still leaves the system vulnerable to the SA-00086 exploit. I wonder if they disconnect the +5VSB and +12VSB rails when the system is powered down so that the engine isn't running when the computer is "off".

One for the super rich fanbois: Ultra-rare functional Apple-1 computer goes on auction


Re: How do they know it's real?

Ah but do you think somebody who could create a very convincing replica of an Apple-1 could get more money from a Kickstarter campaign selling them at a reasonable price?

Researchers trick Tesla into massively breaking the speed limit by sticking a 2-inch piece of electrical tape on a sign


Re: Sigh.

Cruise control, or at least have the sense to look at the speedometer from time to time.

I frequently drive a road between towns that is one lane in each direction but with occasional passing sections where it expands to two lanes in each direction. The really infuriating thing isn't the people who go 60 in a 70 (in the middle of the day, no rain, no obstructions, etc), it's the people who go 60 in the single-lane areas and then recover the assurance to speed up to 75 in the passing sections.

Remember the Clipper chip? NSA's botched backdoor-for-Feds from 1993 still influences today's encryption debates


Perhaps Not Actually About Security...

"the pace of innovation and unpredictability of how technologies will develop makes it incredibly difficult to legislate an approach to encryption and backdoors"

But that doesn't stop legislators from walking out of a presentation on how the concept of a "secure" backdoor is mathematically impossible - literally arational - and throwing their collective hands in the air and saying that "we can put a man on the moon but we can't figure out a way to read a text message" or something similar. Since it's such a convenient way to cast the tech industry as the "bad guys", the stalwart protectors of child pornography, terrorism, and drug trafficking, I'm not entirely sure that the legislators don't view this perennial conversation as a way to burnish their tough-on-crime credentials and get an easy jab in at Silicon Valley.

Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine


Re: irony or sarcasm?

Take it seriously as a new advertising buzzword:

Give us exclusive access to your search terms = privacy

Only trust us to know your location = privacy

Only allow us to provide targeted ads = privacy

Of course, they'll take your privacy "seriously" when there's a data breach, or it turns out they never actually delete your information, or someone reveals that they've just managed to insert themselves into the ever-growing ecosystem of parasites, bottom-feeders, and hucksters who make up the web advertising business.

Alan Turing’s OBE medal, PhD cert, other missing items found in super-fan’s Colorado home by agents, says US govt


I'll bet that Ms. Turing's sentence will consist largely of paying for the cost of returning the stolen items. See: United States v. Melnikas, 929 F. Supp. 276 (S.D. Ohio 1996)

Capita Education Services accidentally spaffs email addresses in Helpdesk snafu


Re: Reply all

It would be nice to have an option when sending a message to make it un-reply-all-able. Or just to have administrators be able to disable serial abusers' (read: people who fancy themselves clever) rights to that button.

EU declares it'll Make USB-C Great Again™. You hear that, Apple?


Let's Bring It All The Way Back

Forget all this connector BS, let's bring back two big metal pads on the back of the phone à la 1998.

The Curse of macOS Catalina strikes again as AccountEdge stays 32-bit


The line of thinking was probably "well the customers have already hitched their wagon to our software and we've made it a titanic pain to migrate to anything else so I'm sure they'll find a way to deal with this nerd problem because the compliance box must remain checked".

Under construction: CAT lobs bargain-basement rugged mobile that will take a kicking and keep on clicking



Another big thing to look for is "designed to MIL-STD-810 standards"; i.e. "we never actually tested it". Although, knowing most marketing/sales departments, they'd still proudly proclaim "tested to MIL-STD-810 standards" even if the product failed every single test.

Tragedy: CES squeeze forces frequent flier hotshots into economy hell


Re: Ah, first world issues

They should put the conveyor belt for the carry-on x-ray machine at head height; if you can't get it on there by yourself, what makes you think the overhead compartment on the plane will be easier?

Only joking, unless?

Hold my Bose, we can do premium: Sennheiser chucks pricey wireless cans at travellers


Re: @Lord Elpuss -- oh no!

The MicroUSB cables I have at home and in the car both have a mark or sticker of some kind on the side that faces me when it's oriented correctly for my phone. For the cable at the office, I just scribbled on it with a marker.

Wham, bam, thank you scram button: Now we have to go all MacGyver on the server room


Re: Dont have your machine room at the top of a building

We had central air in one of the houses I lived in, with a duct right over my bed. One night in the early summer, when we first turned on the A/C, I was reading a book in bed and noticed a tiny spider on the page. I looked over and the bed was coated with them; there was a nest in the duct that got blown out into my room. I'll take cement dust any day.

Buzz kill: Crook, 73, conned investors into shoveling millions into geek-friendly caffeine-loaded chocs that didn't exist. Now he's in jail


Re: What a retirement party!!

This is all part of the long con: selling their story to a film producer when they get out of prison and coasting on the residuals for the rest of their lives.

LightAnchors array: LEDs in routers, power strips, and more, can sneakily ship data to this smartphone app


Re: Why on earth

That's all well and good but let's be reasonable: manufacturers today aren't going to include $1 of additional parts and labor without charging you $10 for it - which is of course their right - but as with "smart" TVs, refrigerators, etc, the way they're going to offset that cost increase is by turning the functionality into a new revenue stream: ad placement, walled gardens, data collection. Scan your hot glue gun to see what the temperature's at, here's an ad for glue sticks on sale at Walmart. Buy a surge protector from Home Depot, you've got to download the Home Depot Connect app to see if the MOV's burnt out. Have a smart refrigerator with a camera in the door, Samsung knows what appliances you have in your kitchen and when you use them. And that's just the beginning: now we're going down the rabbit hole of functionality = microprocessor = DRM. "We've embedded a tiny RFID chip into every stick of hot melt adhesive so your glue gun will automatically adjust its temperature for optimum performance. To ensure safety and consistent functionality, your glue gun will only turn on when it recognizes that a genuine stick of 3M hot melt adhesive has been inserted. Each RFID tag is unique and since we know how much glue has been fed through thanks to the glue usage sensor, it is impossible to reuse the tag in another stick. This is also to ensure safety."

Call me paranoid.

Remember the 1980s? Oversized shoulder pads, Metal Mickey and... sticky keyboards?


Re: It was something we used to do in the 80s

>>The amount of fixatives I've been exposed to I expect I would mummify quite nicely if I wasn't slated for the fire. I just hope the crematorium has a good scrubber.

I remember one time one of the researchers with whom I shared a refrigerator warned me about a tube of osmium tetroxide she was putting in there; something along the lines of "if you open this outside of a fume hood you will die".

Minigame: Celebrate Firefox 70's release by finding a website with 70+ trackers blocked


weather.com used to have an infinite scroll of sponsored content. Why anyone would continue to scroll once they hit it is beyond me; I used to keep going just to see how many adblock notifications I could get - triple digits one time.

The sound of silence is actually the sound of a malicious smart speaker app listening in on you


Something About A Stable Door

So it sounds like they're relying on some sort of (likely automated) code inspection and possibly behavior analysis to "mitigate" this type of thing which - to put it charitably - doesn't work 100% of the time if the continued parade of malicious app notices is anything to go by. I take it there's no version of CTRL-ALT-DEL or otherwise reserved command (or physical interface, god forbid) to prevent third-party apps from masquerading as the OS?

Welcome to the World Of Tomorrow, where fridges suffer certificate errors. Just like everything else


Re: Useless Gimmicks for idlers & show-offs ...

Reason not the need.


>>MAYBE: my little indulgence - a dispenser for chilled water and ice, all plumbed in (would be a YES except that it's only available on "american style" models).

It's extremely convenient never having to refill ice cube trays or keep the ice bin topped off or finding that all the ice has merged into one blob or that the only cubes left are the little wizened half-sublimated ones that taste like plastic. I just dread the day that my dog realizes that he can just push the lever to dispense his favorite treats and I come back home to 30 small puddles all over the kitchen.

How do we stop filling the oceans with Lego? By being a BaaS-tard, toy maker suggests


>>I don't think there is any problem with using plastic on products which will be used for decades.

Add in also Lego's policy of minimal (increasing, but still minimal) amount of planned incompatibility/obsolescence.

Ditch Chef, Puppet, Splunk and snyk for GitLab? That's the pitch from your new wannabe one-stop DevOps shop



Where's that XKCD on how standards multiply?



After complaints over leaked Voice Assistant recordings, Google says: We hear you


Shell Game

I'm fed up with these settings games. If they were actually serious about privacy, companies would have one page that explicitly lists all of the tracking, analytic, and telemetry functions, describes their usage, and gives the user the ability to enable or disable them as they (the user) sees fit. Instead we have impenetrable layers of obfuscation. It's all "Settings > User Settings > General > Application Preferences > Communication Preferences > Data Management > Feedback > Automated Feedback > Feedback Settings > Enable ATPS (which is really Record Everything I Do And Send It Unencrypted To An Unsecured S3 Bucket)". Never mind the fact that they split it up into eight different settings hidden all over the app, rename them every point release, automatically enable all of them, and fall back to the least restrictive one, but they also have the gall to claim that it "improves the user experience".

Sorry I know I'm preaching to the choir here.

Alarmingly, Facebook needs more first-person shooter footage, US Energy dept buys AI-training chips, and more


Re: 46,000mm2 silicon die

"We've implanted a tiny microchip - about the size of a postcard - into your skull."

GIMP open source image editor forked to fix 'problematic' name


Re: Divide and rule

> I've always had a bit of a pause for reaction when someone has seen GIMP on my desktop.

Or when I tell someone with a bare wall to just Rasterbate over the whole thing.

Poor old Jupiter has had a rough childhood after getting a massive hit from a mega-Earth


Re: Boom

Wasn't there a Charles Sheffield short story about that?

Transport for London Oyster system pulled offline after credential-stuffing crooks board customers' accounts


Oyster Accounts Shucked

TfL's response just vinegar in the wound.

We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts


Re: own domain and use a unique LHS

I would like for more websites to include the option to interact as a guest.

Watch as 10 cops with guns and military camo storm suspected Capital One hacker's house…


Re: A little sensationalism?

"But, did the police *know* about the weapons before the raid? Nothing in this specific article implies they did."

You have to fill out a form that includes your address for a background check when you purchase firearms from a store (private sales requirements depend on the state; Washington requires the same federal background check for private sales but who knows if these were purchased legally). That presumably goes into a national database so, among other things, law enforcement can check to see if you have any firearms before serving a warrant.


Re: A little sensationalism?

I think the intent wasn't to intimate anything sinister about Ms. Thompson as much as it was to contextualize the police's use of force in arresting her.

Literally braking news: Two people hurt as not one but two self-driving space-age buses go awry


"I'm sorry, Dave, I'm afraid the speed limit on this road is 25 MPH and that's the LIMIT there's nothing that says that I need to be going that fast if I think that 22 MPH is a more sensible speed for the current road conditions and just where do you need to be right now that's so important that you think that

France seeks science-fiction writers to help futureproof its military against science-fact



Just watch a few seasons of Black Mirror. I take payment in Perigord truffles, bordeaux, or foie gras.

Don't give it away, give it away, give it away now, bot busting biz tells reCAPTCHA data serfs


Perverse Incentives

I can easily see some less-than-bright companies increase the number of captchas they subject you to just to pull in a few more fractions of a penny. Or maybe even unscrupulous web designers adding them to their clients' websites and pocketing the fees? It's already bad enough that any form you fill out online has you training Google's self driving car algorithm for free, but at least the website designer only has the incentive to put in as many captchas as they need to weed out bots. Making something a revenue generator that requires zero effort on the part of the person receiving the revenue will likely lead to odd and unpleasant consequences.

The seven deadly sins of the 2010s: No, not pride, sloth, etc. The seven UI 'dark patterns' that trick you into buying stuff


Re: Aren't those standard marketing tactics?

We've had a jewelry store in our town go "out of business" several times and advertise a massive stock-clearing sale: banners, sandwich boards, the whole thing, only to quietly take it all down and do it again 18 months later.

The Eldritch Horror of Date Formatting is visited upon Tesco


I have heard from someone who works for a food company that the expiration or best by dates are set far earlier mostly so that customers aren't put off by how long processed food is actually good for.

Biz tells ransomware victims it can decrypt their files... by secretly paying off the crooks and banking a fat margin


I do not but that may be why I'm not a CEO. If the argument is: we don't have or want to allocate the budget for an IT department, managed IT services, offsite backups, or any/everything else that goes into making our company resistant to ransomware and it only costs us $4000 if - if - we get hit and we can write most of that off at the end of the year anyway, then we're going to cross our fingers and it's business as usual. As far as corporations encouraging the proliferation of ransomware and enriching some undeserving people, replace "encouraging the proliferation of ransomware" with "polluting the environment" and "undeserving people" with "undeserving people" and...you see where I'm going with this.


Re: Doesn't matter

To call it lying might be a bit of a stretch. Doing "the technical stuff, properly" does not - to me - imply that they are brute-forcing an AES-256 key or reverse engineering the malware to recover the key. They are being deliberately vague but with that wording their target demographic isn't technically savvy corporations and "technical stuff" is all they need to hear, want to hear, and care to hear. To a company who might not have anyone on staff who knows what bitcoin is, much less how to purchase it or run a decryption tool on their files, a $3000 premium on $900 spent might sound a little high but as far as profit margins go, it's nowhere near out of the ordinary (when's the last time you bought a bottle of wine in a restaurant?). If they came right out and said "we talk to the guys, negotiate a bit of a discount, purchase bitcoin, send it to them, obtain the decryption tool, run it on your data, and you pay us to do that", then yes, you could have a nice argument over whether you sit by and watch your business go up in flames for the good of the commons or you bite the bullet, pay the 4 grand, write it off as an operating loss, and start backing up your files.


A Necessary Evil?

It would be one thing if these companies were charged with preventing ransomware attacks and then surreptitiously encouraging them so they could charge for data recovery, but negotiating with ransomers after the fact, handling the payoff, and running the decryption tool is what they're charging for. If the data is strongly encoded, the fastest and easiest way to decrypt it is obtaining the key. Yes, you could wait around for someone to try to find a weakness in the implementation to exploit but "negotiating with criminals v. not making it lucrative for them" is an argument far removed from the boardroom and in the meantime your company is losing money (and try finding a white hat to write a decryption tool for you for $3050). It might cost a pretty penny, but dollars to doughnuts your finance department will prefer this to purchasing bitcoin to send to a mathematically unidentifiable recipient. This way, they get a neat line item to put on the budget and the data comes back, hopefully to be protected better next time.

As Patrick O'Brian writes: "You might think it is a far cry from...a long-established, eminently respectable firm...to a band of criminals; but the eminently respectable know the less respectable and so down to the very dregs."

It's official. You can get FUCT, US Supremes tell scandalized bureaucrats in rude trademark spat


Bring In The Fashion Police

Does it meet the legal definition of scandalous, maybe not, but I have some sort of allergy to these "oh it looks like a naughty word but it's actually not look at how clever we are here's a hint we're so clever" ploys. E.g. Schitt's Creek, FCUK, etc.