Posts by doublelayer

Re: re: That's bollocks, it really is.

I don't know what the best use case is for you. Consider these:

Why do people use smartphones over older cell phones?

Me: I like having my email there. I listen to podcasts on the go, and the phone can just download them rather than my syncing something to get them. I like that GPS is just on the phone. A feature phone doesn't do that. For me, the reduced battery life is worth it.

Someone else: I need to have facebook and twitter open at all times. A feature phone can't do that, so smartphone it is.

Another person: I like basic photography, and the best cameras are on smartphones. Also, the photo software on phones is most convenient for me, rather than syncing my photos to desktop.

A fourth person: I want to watch video while I commute. I need one of those massive screens to do it, and a strong data connection. For all those reasons, a feature phone doesn't work.

None of these people agree, and they probably have different kinds of smartphones, but they all have one.

As for smartwatches, I technically own one. However, it is a $20 watch (the Xiaomi Mi Band) which I use as an alarm clock. It vibrates instead of making a sound, which I like. It can't annoy people, even if I've forgotten to turn it off and I'm not there when it goes off. It can do notifications and has fitness tracking features. I don't use them. In fact, I'm so used to using my phone for time that I didn't ever use the watch for that. After a few weeks assuming I might, I no longer even wear the thing except for an alarm.

Others might want the fitness tracking. Others want the GPS on your wrist. Others want the voice assistant. Others want the watch to play music. Many others don't want any of these use cases, either mine or the others. That's a thing that you decide.

Re: hostile to the future

We aren't anti cloud. Some people might be, but most of us are realists about what it can do well and what it can't.

Cloud has good use cases. Using a cloud for some systems makes a lot of sense. For example, cloud can allow you to deal with things that could take out your systems. A few cloud images, properly balanced, across different geographic regions and perhaps different providers, can give you a lot of certainty that your system will stay up virtually forever from an infrastructure standpoint. It allows things to continue working if something has gone wrong with your in house equipment, and it gives you an online backup that is fast to recover.

There are also some people that I, at least, would prefer to be on cloud. For businesses that don't have IT employees and have a few systems or even just one, there are great advantages to it being in the cloud. The responsibility of managing a system that they don't understand and keeping it secure and functioning can be helped by having a more experienced cloud provider manage some of that, assuming they're not going to hire an IT person.

However, there are major problems with the cloud:

Cloud is slow. Any data that you need to send back and forth is going to be slower when dealing with a cloud provider. That can really mess up some things by making people irritated. If you need a file of any size, it can be really annoying to have it sent to you each time, and the delay while it's saved can be equally disruptive.

Cloud is expensive. When you are dealing with cloud, you pay by the month (usually), for each gigabyte of disk and bandwidth and in some cases for cputime. That can be fine if you want to use something small, but if, for example, you want to have all your company's network disk in the cloud, rest assured that you'll pay for all those files as well as each time a user opens or saves one. A physical disk may cost a bit at the beginning, but really not that much and you can do plenty of things with it.

Cloud is dependent. If some guy with construction equipment wasn't careful, or if the telco didn't properly advise them, your internet line could be damaged. For a business with modern computing and in house tech, many things could be disrupted. Any internet communication systems wouldn't work, which probably includes the phones as well, and people who need to access the internet for their jobs couldn't be particularly productive. However, people who don't need to access the internet as much would be able to continue working. The files they need and many of the systems they use are still in the building, so they work. With cloud, that cut cable has paralyzed the company until it comes back. The files are gone for now. Communication is down, but no systems in house means there is no intracompany system that's still up. Many people will have been disrupted.

Some things could benefit with the cloud. However, taking that fact and using that as a reason for everything to be moved is pointless. Servers sitting in a server room will work just as well as servers sitting in amazon's room, but you have more freedom with the local servers, and more of their activity helps you. Decide what cloud things you want, without buying into a one size fits all myth.

Re: How does Encrypted SNI protect against censorship from DNS Providers?

It works like this:

This is the current system, assuming I live in China:

Me: [to DNS server that is not censored] I'd like the address to www.chinadoesntlikeme.com please.

DNS: Here you go.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x (insert xxxx:xxxx:xxxx:... if you want) and request the page located at www.chinadoesntlikeme.com/ please.

China: No.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x and request the page located at /

Server at x.x.x.x: Welcome to amazon AWS. You can get to this server; just not the sites China doesn't like.

This is the replacement system:

Me: [to DNS server that is not censored] I'd like the address to www.chinadoesntlikeme.com please.

DNS: Here you go.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x (insert xxxx:xxxx:xxxx:... if you want) and request the page located at "Q2Vuc29yc2hpcCBpcyB0ZXJyaWJsZS4="/ please.

China: Oh no. We need to let people get to the server, because there are plenty of useful things there. But maybe they're going to get something we don't want them to have. What can we do?

China: We'll let you through for now.

That's how it's supposed to work. However, I'm doubtful. I haven't read the system, so I am not familiar with the way the encryption is being used. However, I have to ask the following questions, and if I actually get the time to read about the system then hopefully I'll find the answers.

1. Why can't China do the encryption themselves and find out what the request for a site they don't like would look like? That implies that it changes in such a way that the originating computer knows how to send such a request, but the system China's using doesn't.

2. Will China change over to just retrieving the site requested, then comparing it to a request that they send. They could just compare them and if they are the same or similar (random junk produced to look different) they could decide to not send the page to the machine.

3. Could China block all these encrypted requests such that only standard requests get through? Is there a way to force them to accept it?

4. Does China have enough power to prevent the big cloud providers from using this? They have enough power for apple to crash their own phones when the Taiwanese flag is seen, AWS to give root accounts on all Chinese servers to a third party, and similar for pretty much every company that does business there. I assume they'd find a way for such a system not to be installed.

Re: I purchased a New PC this year...

I'm glad that's the case for you. My personal win10 machine and VM are also stable and working fine, even while updating. However, a lot of people's aren't. I might suggest that our boxes are running better due to thorough management and knowledge of how windows works. However, the OS needs to be more stable than that for the person who doesn't know how windows functions or fails to do so, as they'll still be using a machine one way or another. Compared to other operating systems the person may have used, windows 10 has a lot of mechanisms for failing that a windows 7, XP*, older MacOS, or Linux user might not expect.

*XP functionality is only expected from about 2003 through 2011. People still using it should expect a lot to go wrong.

I see your point, but any good system will send you a link that you have to click on, and then you reset your password from there. Short of jumping in ahead of you, which would be a bit obvious, they can't know your password. Of course, they can take some good guesses if they have an evil turn of mind.

Re: High-tech options

Usually. It definitely includes disabling, by force if necessary, wifi, bluetooth, and ethernet. However, depending on the use case, some airgapped systems may need USB or similar for reading or writing data. For example, a machine might include access to systems that analyze data securely. This can't be infected, but it does need to read data from somewhere. If there is too much data to enter manually, it might be brought in on a USB disk or optical disk, either of which could be infected. Security of airgapped machines is thus also very important.

Re: As an EU citizen..

You should have the right to have your details private. That's the right that is due to you. If I am a company that you deal with, I shouldn't have the right to take your information and sell it without your consent. Even if I need to have that information to do what you paid me for, that doesn't mean I can do anything with it I please. The cookie warning is useful--even if they don't let you say no, you can know not to go there again and to clear your cookies, although I'll admit that I care less about cookies than many other things that are done. The GDPR statements about who has your data, why they have it, and what they are going to do with it provide information that lets you determine whether you trust them with your data and what precautions if any you will take when dealing with them.

Now, onto having the right to know who owns a domain name, no, you don't have that right. More clearly, you don't have the right to know who owns a domain name if that person doesn't want to tell you. Consider a parallel: if you have a phone number and you don't know who it belongs to, you have no right to that information. If it is not listed by the owner somewhere, nobody you ask knows or is willing to tell you, and you can't get the person who answers to tell you, then you're out of luck. I have no obligation to list my phone number somewhere. I have no obligation to answer correctly if someone calls me up and asks who I am. Similarly, you don't have a right to know where I live, where I work, etc. You can find out yourself. You can ask and usually you will be told. I may release that information if I choose, where you can find it and use it freely. But you don't have a universal right to know.

Re: 10 TB of total storage?

The only thing I can think of is editing a bunch of raw video, which I assume can quickly fill up storage. Other than that, probably not.

Re: Corporate Security

The fact that you can think of a reasonable use case for the software, for which I commend you, doesn't make the software all right. The problem is that you are thinking about how to actually use the software for its stated purpose, which is to make people safe. If I had to use it, I'd definitely prefer to have you running the system and dealing with the results. However, the people who are actually buying this are almost certainly using it to track their employees in a way that is very creepy.

For an analogy, consider keyloggers. You could use one of these for a variety of legitimate purposes. You could use it to help correct frequent errors. You can use one (I've done this) to identify users by their typing style. You can use one to have an audit trail of things entered into systems that don't make it simple to collect one otherwise. All of these uses are possible, but usually keyloggers are used to steal passwords and related information, and saying that it will be used for other purposes followed by, essentially, "trust me" shouldn't just be taken at face value.

This has been done before. Companies that wish to break the law but make it look legitimate make excuses for what they're doing. The people who make software that allows people to test their malware against antivirus never say they thought malware writers would pay them for it, but instead market it as a service for software writers. The people who make malware that enables stalkers to track all phone activity market it as security software. People who make malware that allows people to spy through webcams market it as a convenient way to turn that old laptop into a home security camera. These are deceptions. It would be great if everyone deploying a system was like you, having the safety of the employees in mind, but they aren't, and that reality is important to deal with.

Re: Super fast...right

OK, thanks. That was very helpful. Of course, the fact that A) MB is often printed in lowercase by many systems, B) bits and bytes are atomic such that a millibit and a millibyte are nonexistent concepts, and C) the point I was making is not related to abbreviations, but merely a translation from the units used by hardware manufacturers because it is more related to the engineering and it makes the system sound better to the units used by people actually using the systems involved (I.E. all of us) make your point significantly less useful. Still, I appreciate the pedantry and will consider myself justly chastised for my inaccuracy.

Re: Here he goes again ...

I can see a small reason for a flip style, but not for a clamshell one. Things like the gemini that offer a tiny laptop, sure, but not a phone doing phone-style things. The benefits I see with the flip style is that you can have some protection of anything delicate, you have more distance between the microphone and speaker so it actually fits your head, and flipping open to answer and closed to hang up is rather nice. However, the phone would have to be relatively large to accommodate that structure with the kind of screen sizes people want nowadays. I'd be fine with a 4-inch screen, but the buying habits of most others, as reflected in the phones being produced at flagship level, clearly disagree. As little as I want a 5.5-inch phone, I want it even less if it is much thicker, which it would have to be. This leads me to the other problem I have with the flip style for a smartphone--there is a lot of surface area for rather little volume, meaning that things like batteries would likely remain in one piece, powering the other. This makes the modular idea rather limited and means the extra thickness won't host extra battery, which is the reason I'm willing to accept that. In addition, current flip designs wouldn't make it easy to have a single flat surface when flipping open, which makes it difficult to orient the screen at a comfortable angle without having to deal with the other half. That other half would be difficult to orient for typing such that the screen is also conveniently positioned. I'm all for flip phones, but I'd like them to remain the small non-smart variety. The flat screen type, in my mind, best fits the way people use smartphones.

Re: PKI done properly costs money

I don't think so. You seem to be saying that, if we just got over it and cheerfully spent the money, things would be better. These certs aren't free, and the problem's still there. Perhaps one reason we'd prefer the certification process to be free is that all the power for whether the code we wrote is trusted goes to someone else.

The same is true of https. Sure, you can see having a certificate that isn't self-signed as an indication that the server is likely to be who it says it is, but if you're really in a situation where you can't be sure of that, you have bigger problems. If you're getting DNS poisoned to bounce you or someone's taken over a domain name, the problem is big and needs to be dealt with more strongly. Meanwhile, an HTTPS cert of any type provides the user an encrypted connection to the site and protects them. You have to choose where you go, but https://www.iamevil.scammerparadise.net is still going to be risky no matter whether they paid someone to verify that they owned it.

Re: One in twenty users?

Sort of but not exactly. Since 10.9, new versions of the OS are free and can be installed relatively easily. It's not like windows 10; it will actually run pretty much the same. Since they didn't leave any models on 10.9 (everything on 10.9 supports up to 10.11), they supported it for less. I believe they still release security patches for 10.11 because older machines have reached the last supported OS. Incidentally, I'd recommend everyone running less than 10.11 upgrade to it, because it is significantly more stable, and that nobody upgrade from 10.11, especially to 10.13.

Re: If you don't connect it to the network, ...

But they make it look like connecting it to the network will be helpful. That means that nuts like my parents, who had decided to test out some streaming services, tried to get the TV to stream them for them by having it connect to the network. Of course it didn't work, but now I have to find out how to get this thing back off the network. Somehow, my suggestion of giving them a raspberry pi that they could just connect an HDMI cable to was not seen as helpful.

Re: Key word is "Trainee"

"but giving them a crappy task that needs little or no training, (except, making the tea for the workers on a site can be a very skilled job to get right, getting everyone's tea made to exactly how they like it, i.e. more or less milk, 3 or 5 sugars)** is part of the training...."

It seems really pointless. Primarily, I'd assume that people should just make their own tea. If there is something that needs to be done by one person so that everyone can do that, fine make the trainee do it, but if that's the main thing they do, it feels like you can't be bothered to respect the skills they are supposed to be enhancing. Theoretically they were hired to learn things because they showed promise. If you're going to use them as a person to do odd jobs for which their experience is by and large pointless, then you might as well have hired someone who didn't have the skills. They'd probably have been somewhat cheaper, there are many people needing the job, and they would have knowledge of what you were going to ask them to do.

"back in the day of apprenticeships, all they did in a machine shop was brush up and clean the machinery until they knew all the names of the parts. it would take time to learn the skills to work on actual client works..."

Exactly! That's what I'm talking about. Sure, they're doing something that is relatively easy, but they are learning something relevant. This part is called X. It is part of that thing over there, and it performs task Y. This is how to clean it properly. Once you've cleaned it, so that we can use it again, you'll learn what part Z does and how you can use parts X and Z together. They may have learned faster if their supervisor just taught them, but that wouldn't be efficient.

In the end, they got the benefit of knowing what was going on, their employer got the benefit of their work, and either they continued to work together, in which case both were successful, or the employee was able to use extra experience to get or set up a career for themselves. Meanwhile, someone who is used as cheap labor for making tea or similar completely unrelated tasks gets next to no benefit. They have learned nothing, so all they get is something to put on their resume that shows that they worked on something. It's single sided toward the company, but there are very many options for it not to be. That's why I have a problem with it.

Re: Server Farms and Mining Rigs should be...

But what if it's summer but it's been chilly for a bit. Might I fold some proteins then?

Re: Past its sell by date?

Please don't. I use libreoffice too, but return it in a format that isn't bloated and slow. PDFs break a lot, are ridiculously large for the data stored in them, and usually require far too much software to read.

Re: One day, ...

Ok. Now I'm curious. Since I can't think of anything that would get rid of all computers while leaving humans, what type of situation can you think of where computers would be banned? And does your theory also account for the populace to comply with said ban? I'd really like to hear your theories, because I'm not thinking that way at all.

Re: PDF is clunky.

Whatever reason they may have had for losing the document, their mistakes were not the point. The point is that PDF files, although they are lauded as being useful on any platform, frequently lack the feature of making their content available if you don't want to just look at them. Some PDFs have text that can be extracted, but the number that don't is higher than the number that do. If I want to use the contents for some reason, be that copying and pasting code, quoting accurately, or sending data over something where text is more convenient*, PDFs frequently won't work. Sometimes, this is done for security, because I suppose it would be harder to violate copyright with something where copy and paste are made impossible, but usually it's down to someone messing something up or being a control freak because I should view this document in the font they like. With any text-based format, you have the freedom to make it useful by converting it to any format that would work well. The greatest risk is that it won't look as nice on the other end. With a PDF, the message seems to be that you are not allowed to do anything that the original document-writer didn't think of allowing you to do.

*Recently, I wanted to give someone some of the documentation for a system they were using. The only problem was that they were on the other side of an e-mail exchange. I can't send the PDF file because it's 48 mb and there's a limit on attachment size. This file was sent to me, so I don't have a link to it online. I could post it somewhere and let them download it, sure, but copying and pasting the ten-item instruction list would really have been more convenient.

Re: No worse than something on a web page

Good point on the light node way, I was not aware that was a thing. I suppose that eliminates my objection.

On the subject of reddit, I was using that as an example, but the point was that you couldn't kill the mechanism. You post a message in a monitored thread (give the system a list of two hundred or so to check, from any account. Every message gets read and decoded. Therefore, all you need to control the system is a key that can sign/encrypt a command and knowledge of the threads used. Reddit/whatever platform it is using can find your message and delete it, and also block the account, but you don't need either of those. The message was already read and acted upon, and you can send another message just by opening another account and posting with it. Perhaps reddit will take things down too quickly, but all you need is some online forum thing that allows new accounts rather easily and doesn't pre-check posts. Posting here, for example, wouldn't work because the first three posts are moderated manually. That doesn't hold for many other methods. One other benefit of the online posting way is that the periodic killing of posts helps the commander. There is little chance of the program getting an old instruction and acting on it when it shouldn't.

Re: Super virus able to run on any platform

I'm not sure if your being serious or not... but there is no software. They're lying. They just dropped the operating systems they could think of into their message (see first comment for full text) under the theory that that would be helpful.

Re: Has a disadvantage too

Even if it encourages more people to share binaries, it should prevent as many malware-infected ones from being there. For me, that will be a benefit. I tend to prefer having no google account set up with an android device and avoiding the play systems entirely, but there are things I can't get in fdroid. For example, some google packages are useful to me but don't come installed. I just have to hope that whatever site I get the APKs from haven't infected them (by the way, anyone know whether there are some trustworthy apk collections out there?). For me, this will be somewhat helpful.

Re: weird decision by Aussies

Regarding the argument that the fingerprint sensor might be insecure, that's a risk that is taken when parts are switched. You have to understand that the cheaper part might be problematic, or in fact that something might be dodgy with it. However, the risk doesn't mean I can do whatever I'd like. For example, I can build you a hard drive that contains sneaky ransomware on board. Use it for six months and the ransomware activates, encrypting the disk and booting your machine to ask for money. The fact that I could do this doesn't mean you are justified in never buying a disk again, nor does it make it logical for you to say "Any disks I approve are fine, all others aren't". If I buy a disk, I assume the risk for it. If it turns out someone's sneaking ransomware into them, find them and report them.

There's a chance, but not a big one

The way I see it, microsoft have chosen a good time to think about switching over, as they are at a relatively pivotal point. This is similar to the many stories about their thoughts of running windows 10 on arm. I don't see a reason this has to fail, but I can see lots of ways it could. The last time microsoft tried it, for example, they got windows RT and it didn't succeed. They will need to realize that very little is going through the windows store and that the rest needs to be available. That means either getting devs to recompile a lot of things or making a compatibility layer. However, if they manage that, I see no reason this couldn't be a new architecture.

However, given microsoft's track record with this and their current software base, I doubt it will happen. Apple could switch to arm because their low-end users get their software from the appstore, and their high-end users use software made by companies that have enough money to recompile and test the new code to death. Linux can switch to most things because the software can be recompiled by anyone and patches provided by anyone with the knowledge and inclination. If microsoft makes this available, and things start to break, it may fail at that point. They aren't really providing something that we couldn't get before, so it will need to be very good for it to get the chance to become better.

Re: someone can tell me

That doesn't really get very much of it. Here comes a big data blob out, and another one in. What was that? Was it spyware sending your data to a C&C, with the next set of data coming back? Or was that your music player syncing your playlists, or even just checking for updates? There are many devices that would be caught by something like that, but the more you attempt to have the thing online, the more data it will send that you can't make any sense of. If you can't be certain that the connection to the cloud for the GPS data to be interpreted (that's something that won't run on a watch for a while) doesn't also contain anything sneaky, worry is justified.

Re: And about time too...

While I'd really like an open source, everything free, no slurpage system that takes the world by storm, I know that won't be happening. I'd be very satisfied if we could have such a system that is at the level of linux on the desktop. Sure, people in general aren't using it, and remain open to the many problems with the current players, but it is a thing that can do most of the things people want to do, can be installed on most relevant hardware, etc. If we had something that could live comfortably on phones, could be installed on them without fighting them, and had access to the services we need, I would be thrilled. Most things would not need their own applications, because their websites will do most of that. However, we will need apps for the standard videochat and cloud storage software to complement the apps that do more standard on-device things (without a good mail client, contacts manager, calendar, and phone/SMS client, there is no chance).

I have gotten as close as I will probably get to this with a blank android system (no google play apps if I can manage it, firefox as browser, all apps installed from fdroid). I'm sure there's a lot I probably don't want to know about in there, but I don't have a way to get any closer.

Re: As I was reading...

Maybe, but there are plenty of things that would be useful. In the case of a thing I considered backing, a phone case that records phone calls and can also act as a convenient audio recorder. That's something I could use, as I find it handy to start a recording with a press of a button, which my phone can't do (unlocking, opening app, and pressing a button is fine but can take a few seconds which annoys the person you want to record, and won't work if you're on the phone. It is a product I want, the price seems fine, and the people are near their estimate of how much money they need to make it, so they should have enough. I don't know what happened in that case, because I didn't end up supporting, but all I know is that they haven't made any of these, the page is dead, and I'm disappointed because I can't buy it.

Re: Windows Phone ... 7 ?

It was the application in the microsoft store--I.E. it was running on windows 10 mobile (maybe windows phone 8.1 too, but I haven't checked). Frequently, windows 10 mobile is still called windows phone, both because microsoft has been known to do it and the fact that windows 10 mobile sounds weird. Windows mobile was a thing, but it is nothing like windows 10 mobile. Meanwhile, windows 10 mobile and windows 10 are alike only in that they require too much background junk and have cortana on them. Windows 10 mobile and windows phone run on similar devices, in some case the same devices, made by Nokia two to four years ago (they are still making them, right? I haven't really heard anything about it). Hence, windows phone can refer quite clearly to the latest windows thing that runs on phones.

Re: we're not freaking magical wizards

I agree, but more because the statement is just wrong. The general public don't see dealing with systems as fighting demons. To judge from the general attitude, they consider it as either building something (those being the courteous ones), putting roadblocks in their way (the annoying ones), or doing something that requires no skills at all (those being the stupid ones). Also, I have never considered a system or program I'm writing to be like a puppy or any other animal. With animals, I get a sense of life, of personality, although that's mostly made up by me, and independence. I view programs as something I am building. It may at some point be independent of my actions, and there may at some point be enough code in it for something it does to be sort of lifelike. However, it's not living enough for me to consider it like an animal. If you want a parallel that works for me, although this is probably very subjective, I'd suggest a system as a piece of art. I have an idea of what it will be, I take steps to get there, and the completed work is designed by my imagination and different from my original blueprint.