* Posts by FILE_ID.DIZ

281 publicly visible posts • joined 26 Aug 2020

Page:

It is a bird, a plane or a Chinese spy balloon? None of the above

FILE_ID.DIZ
Thumb Down

Re: China insisted was an errant weather balloon

Well, if I'm looking at something from 10 miles away "horizontally", then yes, all the heat between my camera and the object are at play.

But, if I'm on top of you, 10 miles away, then any "heat shimmer" effect is drastically decreased, given any localized heat shimmers are, well, local.

I mean, any modern satellite (read Google Earth) image showing the color and details of a car or window of a high-rise blow through your heat shimmer theory.

FILE_ID.DIZ

Re: China insisted was an errant weather balloon

Given that private satellites are able to capture 30 centimeters per pixel from space (https://www.geowgs84.com/post/what-is-the-highest-resolution-satellite-imagery-available), I'm highly confident a lower altitude isn't going to bring in unknowable details that are otherwise lost.

You can make out quite a lot with that resolution.

That same article makes an unverified claim that some governments may have low single-digit centimeter per pixel resolutions already. You can read a license plate if that resolution does exist. If that statement about resolution is true, I'm sure China would be one of those countries with such technology.

FILE_ID.DIZ

Re: China insisted was an errant weather balloon

That's because the wing-nuts in a certain circle of the US population are, well, crazy AF.

Sure.... that Chinese balloon could have been photographing stuff... but so do satellites, every frigging day! Both private companies and government entities. The private companies being the ones I'd be most worried about, since they will sell any image to any buyer. (Think of all those fitness trackers....) Governments tend to want to horde their data.

Sure.... that Chinese balloon could have been intercepting RF signals.... but so do a lot of other things, every frigging day! I mean, back in the day of satellite communications, crafty spies would setup shop "behind" the transceiver and listen to the RF beam's wide spread on the ground.

I'm quite positive that sensitive USG properties have thought of all the ways information can be leaked/gathered/etc. In fact, I'm sure they do it every day against other entities every day. I would think (hope) that anyway we can acquire intelligence, someone considers if we ourselves are also sensitive to that same method of leakage.

At least that's what a reasonable person should consider... and I do believe that those in charge of sensitive sites think of these things.Except in cases of a novel data leaks, such as the aforementioned fitness trackers. That's a solved problem now.

Europe loosens the straps tying Apple and Microsoft to tough antitrust rules

FILE_ID.DIZ
Thumb Down

Re: mmmm

Neat trick.

Who the fuck uses Word often enough to warrant that non ADA-compliant key combo. I'd take Excel over Word every day.

But then again, I keep it pinned to my taskbar, so unless I have 12 screens like some traders do (finding where the mouse is hiding can't be fun), right-clicking the Excel icon on the taskbar is easier than those key combos.

Waymo services driverless car software after Phoenix truck collision

FILE_ID.DIZ
Facepalm

Stupid Computers.

Improperly towed is a different statement than illegally towed.

If I had to guess - since the vehicle was towed backwards, it was a rear-wheel drive vehicle and the front wheels were locked to an angle (other than TDC) by the steering column lock, causing the front of the vehicle to shift out a bit to the side.

The tow truck driver chose not (for whatever reason) to place the front wheels on dollies.

I can tell you that in my city, relocation tows for temporary No Parking areas (construction/tree trimming/etc) are pretty rough if you have AWD/4WD or have your parking brake on. Every tow I've seen with an AWD/4WD vehicle, the rear wheels aren't dollied and the vehicle is dragged down the street with the rear wheels fighting who gets to spin forwards and who is relegated to spinning backwards. (No locked differential I guess on those few examples I recall.)

Improperly towed means that Waymo was still at fault for failing to detect the otherwise legal condition, albeit "different".

Also, proof positive that computers do exactly as they're programed... since a second Waymo car performed an encore performance just minutes later.

Wonder how or why the Waymo car didn't pay attention to the likely lit amber strobes of the tow vehicle.

QNAP vulnerability disclosure ends up an utter shambles

FILE_ID.DIZ
Boffin

Only relevant if you're planning on hanging one of these off the internet at-large.

Don't do this, ever. With a QNAP or any other device that is not purposefully designed to be a security/edge device. Even "security/edge" devices have critical vulnerabilities... SSL-VPN seem to be the flavor of the day.

On a private network with trusted devices on it, they're relatively safe devices for home use.

Sure, your home computer could catch something and then they move to a vulnerable QNAP...

Deepfake CFO tricks Hong Kong biz out of $25 million

FILE_ID.DIZ
Boffin

Re: Root cause

Exactly - I think back to the case where Citibank accidentally wired $900M USD instead of about $8M USD back in 2020 to several lenders. They intended to make a $8M USD interest payment, but someone at Citi accidentally paid off the entire Revlon loan.

Oopsie.

That took a lawsuit that Citi lost (weird NY State law at play) but they won on appeals.

Regulator says stranger entered hospital, treated a patient, took a document ... then vanished

FILE_ID.DIZ
Boffin

Re: Pardon?

Not if you have the proper controls and of course the consent(s) in place, preferably buried deep into all the paperwork a patient (eventually) and/or an authorized party to the patient, (eventually) signed. (However, IANAL, so YMMV.)

For example, https://avasure.com/telesitter/

Where I know this is used is for patients who may be in some type of altered mental state (psychos, postictal state, dementia, so on and so forth). This allows for directly monitoring patients, making sure that they're safe in their bed, to prevent any fall injuries or getting lost and possibly confused/angered.

Helpful when hospital rooms are designed so that it's not very easy to peer far into a room, even with the door open.

Meta sued by privacy group over pay up or click OK model

FILE_ID.DIZ

Re: Easy way to teach FB a lession

There are 13 named authorities operated by 12 entities. There are, as you noted, a lot more.

In fact, there are currently 1,771 instances as of 2023-11-30T04:09:07Z according to https://root-servers.org/.

There appears to be 32 on the UK island. (None apparently in NI.)

FILE_ID.DIZ
Headmaster

Re: Easy way to teach FB a lession

You're just hosting a resolver with root server hints.

If you were to host a root server, you need to host the root zone locally which is conveniently listed here - https://www.internic.net/domain/root.zone.

FILE_ID.DIZ
Headmaster

Re: Easy way to teach FB a lession

Resolver is the correct name for what you setup.

FILE_ID.DIZ
Headmaster

Re: Easy way to teach FB a lession

You know that the "root" servers only resolve the (g/gr/s/cc/etc)TLDs, right?

The root servers take the query "facebook.com", and says, here's the list of COM. name servers. That's all they do, all day long. Billions of times a day.

com. is solely run by VeriSign Global Registry Services - https://www.verisign.com/company-information/index.xhtml

Just saying.

Plus, you do recall that the internet, and DNS, is designed to work/route around outages. In fact, no one notices one iota that if you're a Hurricane Electric customer on IPv6, you likely can't reach the C root servers via IPv6 because of the ongoing Cogent v HE war.

PS: VeriSign, through mergers, also runs two roots too, A and J

Adobe sells fake AI-generated Israel-Hamas war images – then the news ran them as real

FILE_ID.DIZ
Meh

AL isn't a makeup artist or a graphics artist. It simply conjures crap up.

FILE_ID.DIZ
Mushroom

Re: What

It worked for tracking lettuce [0], it MUST work for images too!

[0] - https://www.nytimes.com/2018/09/24/business/walmart-blockchain-lettuce.html

FILE_ID.DIZ
Devil

Worst than fine print is the classic bait and switch.

At least with fine print caveat emptor rules supreme. Shysters and grifters are just scum who refer to themselves as politicians in certain circles.

FILE_ID.DIZ

To facilitate the transfer of currency from another's wallet to their wallet?

FILE_ID.DIZ
Holmes

Metadata... yea, that'll solve the problem

Curious how this "metadata" survives a social media (re)post or reproduction in physical media or on other online publications' websites.

Of course, conscientious publishers show their sources for images - but that doesn't translate in social media well. One just has to consider all the "sponsored" posts by "influencers" that neglected that tidbit.

By stating the source is "AI Generated"... kinda ruins the point of using the photo for a real article about a real event. No one sees "artist's rendition" from either of the Iraq wars. Court room illustrations stand as a counter-example... but those are clearly not life-like.

And this also requires the readers to read the fine print, which I find many people don't do. It seems to be a lost art these days.

Hell, even this website's articles seems to have recently added a bold banner for older articles (or at least I just started to notice it). Perhaps because people find it difficult to care to look at an article's date of publishing, which tends not to be in the largest of fonts.

Atlassian cranks up the threat meter to max for Confluence authorization flaw

FILE_ID.DIZ
Pirate

Re: Humble question to those affected or at risk

Because sometimes people with no other skill than a company credit card and authorization to use it, think they can solve a problem without considering what it is that they're doing.

Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI

FILE_ID.DIZ
Angel

Re: Meanwhile the other killer is allowed to walk free?

Even encouraged (according to a friend I know) in a certain areas in the state of Utah and other places where that religion is vigorously practiced.

Airbus takes its long, thin, plane on a ten-day test campaign

FILE_ID.DIZ
FAIL

I guess someone had to...

come up with a crappy 757 replacement.

I really disliked my EWR-HAM flights.

Nothing like a jam five people deep in the lone single aisle next to the lav with the service trolley trying to push through.

FUCK THAT SHIT!

AMD says it'll jump through Uncle Sam's hoops to sell AI chips to China

FILE_ID.DIZ
Holmes

Apparently business abhors a vacuum too.

US Air Force burns more money on electric flying taxis

FILE_ID.DIZ
Facepalm

Re: alt.conspiracy.black.helicopters

It was, wasn't it...

FILE_ID.DIZ
Devil

alt.conspiracy.black.helicopters

Ol King of the Hill reference.

Producers allegedly sought rights to replicate extras using AI, forever, for just $200

FILE_ID.DIZ
Mushroom

Re: "address concerns of being replaced by AI"

No. Thank. You. Imagine an AI in position of moar "power".

FUCK THAT.

It's already bad enough that the smooth brains are happily following the tunes of the Pied Piper's Internet of social media(s).

Google, DeepMind accused of 'stealing the internet' to create Bard AI chatbot

FILE_ID.DIZ
Thumb Down

Re: Yes and no

That's demonstrably false.

Google's Cache feature is a quicker (than archive.org), but single point-in-time snapshot for each search's hits.

Example - https://webcache.googleusercontent.com/search?q=cache:https://hello.com/

Microsoft whips up unrest after revealing Azure AD name change

FILE_ID.DIZ
Facepalm

Re: To Marketing: a Boot to the Head!

Need an upgraded video. Apparently there's a thing called "Power Slap". Was at the local watering hole last Friday and this was on one of the TVs.

https://www.youtube.com/watch?v=DDQaq0_cqAg

--> Because obviously that'd be an own goal in Power Slap?

FILE_ID.DIZ
Facepalm

Microsoft must have hired the former marketing department of Citrix...

...who notoriously renamed EVERYTHING every few years. Apparently to justify their existence.

OpenAI pauses Bing search feature over paywall bypass abilities

FILE_ID.DIZ
Boffin

Well... might not be that simple.

Google, Bing and DDG, for example, maintain lists of their bot's IP ranges. Google, Bing and DDG also seem to use FCrDNS with a specific domain (googlebot.com and search.msn.com) and DDG uses duckduckbot-X.duckduckgo.com where X is an integer it seems.

Bing bot IP ranges - https://www.bing.com/toolbox/bingbot.json

Google bot IP ranges - https://developers.google.com/static/search/apis/ipranges/googlebot.json

DDG bot IP ranges - https://help.duckduckgo.com/duckduckgo-help-pages/results/duckduckbot/

And as the saying goes - the "good guys" always have to be right. The bad guys (in this example, trying to circumvent a paywall) just have to be right once.

And I have to imagine that writing a middleware to update whatever application(s) is/are responsible to allow spiders in based on third-party provided, non-RFC standardized formated IP data might be harder than just looking for a UA string. At least until someone in the bean counter department notices.

Meta teaches AI image model to stop generating human fingers like a drunk Picasso

FILE_ID.DIZ
Trollface

Generative architectures, Meta says, often have trouble with human hands because they try to fill in every bit of information without a conceptual basis for the scene.

Like most ChatGPT answers.

Out with the old, in with the new – Accenture declares AI is 'mature and delivers value'

FILE_ID.DIZ
Thumb Down

In Crisis mode?

There was a Bloomberg interview of Julie Sweet published in October 2021.

I'm going to snipe https://www.youtube.com/watch?v=mwTkqYG7N3k&t=256s this great quote where she says that they (Accenture) doesn't take on clients in "Crisis Mode" who aren't willing to set aggressive goals (gaol for employees?).

Perhaps she was ultimately referring to "AI" (Really, machine learning, but who's counting). And yes, if you continue on that video she talks about their profit motive with their engagements a few seconds later, at https://www.youtube.com/watch?v=mwTkqYG7N3k&t=310s

Microsoft Windows edges closer to SMB security signing fully required by default

FILE_ID.DIZ
Boffin

Re: This will be exciting

Install FileZilla FTP Server. At least that product is actively supported and runs on supportable OSs.

Also, Windows XP supports SMB Signing. Just saying.

FILE_ID.DIZ
Thumb Up

Re: Win7 and other old stuff?

Yes - Windows 7 supports SMB Signing - Enforced. The policy is called "Microsoft network client/server: Digitally sign communications (always)" in secpol.msc. (There's one policy for Microsoft Network Server and another for Microsoft Network Client.)

Signing has been available since Server 2000, FYI.

FILE_ID.DIZ
Thumb Up

This is actually improving security.

Getting windows boxes to dump all its creds with SMB signing not enforced is a relatively simple MITM attack that is used to laterally move in an environment by crims.

This doesn't use certificates. And as for the overhead, couldn't quantify it for you, but I know we didn't notice it when we enabled it.

Windows 11 puts 'disgusting' Remote Mailslots protocol out of its misery

FILE_ID.DIZ
Thumb Down

One of my customers has an enterprise application that still uses mailslots to this day.

In fact I learned a lot of about mailslots trying to troubleshoot a loss of connectivity after a patch in 2016. I had to write a group policy company-wide to change the behavior of mailslots due to the security patch. And I recall there was another monthly patch for Windows 10 clients in 2018 that once again broke mailslots and that caused issues with their enterprise application and Microsoft had to come out with another patch for the patch.

What a miserable protocol.

Meta chops another 10,000 employees, closes 5,000 vacancies

FILE_ID.DIZ
Boffin

Zuck has majority voting in the boardroom. His Class B stock gets 10 votes per share. Plus another holder of class B shares, Moskovitz, has a voting agreement that stipulates that he'll vote the same way Zuck does.

As of the end of Q4 (December 31, 2022), there were 2,225,763,078 Class A stock (publicly traded) and 366,876,470 Class B stock (not traded). With 10-to-1 voting power, that ~367M shares votes like ~3.67B shares, dwarfing Class A share's voting power.

The Twitpocalypse may have begun, as datacenter migration reportedly founders

FILE_ID.DIZ
Trollface

Re: The solution to this problem is exceedingly simple, and is being overlooked by everyone...

What are you, someone from the Oregon State Board of Examiners for Engineering and Land Surveying? [0]

[0] - https://reason.com/2019/01/02/judge-confirms-that-oregon-engineer-has/

Freedom for MegaCortex ransomware victims – the fix is out

FILE_ID.DIZ
Holmes

Who gives a shit about how long an intruder was inside your network. So long as you can validate that data was not compromised, eg: they just want to steal your shit for secondary ransom. Your extended backups are generally quite valuable.

If your backups weren't valuable, why would these criminals bother fucking with your backups? I mean, time is money - crims have new targets to fuck.

US Supreme Court asked if cops can plant spy cams around homes

FILE_ID.DIZ
Boffin

Re: Those are privately owned

Correct you are, except that the police doesn't need to give that homeowner a "Ring" branded camera. The brand doesn't matter whatsoever.

In the case of Ring video, in the TOS, you grant a right to Amazon to do whatever they want with that content. They have accordingly resold that right to both private and public entities for their purposes.

Since Amazon has a right to those videos and has agreements to provide those videos to various government entities, the Fourth Amendment no longer applies. This would be no different than a security camera of a private business that recorded a crime and the Police used that video to identity the criminal and further use that video in a Court of Law.

Speaking further about cameras which a Government installs, one has to look no further than the botched surveillance of Robert Kraft (plus 30+ others) vs Palm Beach County/Jupiter Beach PD for recent, prior case history.

Terraform Labs and crypto bro Do Kwon face $57 million court case in Singapore

FILE_ID.DIZ

Re: Just Pull a Carlos Ghosn...

All correct - but there still is no extradition treaty between the two countries.

And if you're running from the law, beggars can't be choosers. I mean, look at Edward Snowden.

FILE_ID.DIZ
Devil

Just Pull a Carlos Ghosn...

... and flee to Lebanon?

You're Shipt outta luck: App sued for treating delivery workers as contractors

FILE_ID.DIZ
Boffin

Re: Surely some mistake here?

Don't forget that Visa (in the most optimal scenario) can take 2 x swipe charge and 2 x merchant surcharge for a "single" transaction.

AWS warns of demand slowdown as customers seek to cut spend

FILE_ID.DIZ
Gimp

Your statement presumes that those organizations haven't been subsumed by the lure of all those "SaaS" features that various clouds offer, "bonding" you to their cloud (using the same icon) with the fragrant (but elusive) lure of "cheaper pricing and quicker development" prospect...

Origins of mysterious marsquake settled: It was a meteoroid what done it

FILE_ID.DIZ
Trollface

Two movie references. Three if you include the porno!

Maybe the Arachnids from Star Ship Troopers were on to something - instead of sending fragile drilling probes that can't go more than a couple of inches - we should just hurdle asteroids towards Mars, we'd get a Deep(er) Impact.

Prison inmate accused of orchestrating $11M fraud using cell cellphone

FILE_ID.DIZ
Boffin

Re: Ethical search and seizure

Schools, K-12, are also a partially constitution free zone as well with respect to the First, Second, Fourth, Fifth and I'm sure a few others if I thought about it a bit more.

Germany orders Sept 1 shutdown of digital ad displays to save gas

FILE_ID.DIZ
Thumb Up

Re: Pointless laws are pointless

If we extend indefinitely, we're going to encounter problems.

Correct you are. In loose terms, we are over-extending the designed lives of our nuclear fleet by years and years, today. And we're only able to do so because these vessels were overbuilt because, well, we're talking about nuclear FRICKING fission. You error on the side of caution on safety margins. ;)

Yes, they are being inspected and are currently deemed safe, but we're not building new ones - and this will take 10 to 15 or more years for a new crop of generators to come online.

I have to imagine that if we can apply 40 or 50 or more years of gained operational knowledge, a brand-new fission reactor will be better, cheaper and safer than ones built two generations ago that are running today - which are still supremely safe.

FILE_ID.DIZ
Facepalm

Re: Exceptions for such dual-purpose signs have been arranged.

The Uber model of pricing.

I just came back from the future, and that worked out well for everyone.

PS: Calgary is a beautiful city. Was there last year on a project for several weeks and have to say, of all the Canadian cities I've been to, Calgary appeals the most to me.

Never been to as far west as BC (Bring Cash) or as far east as Newfoundland (heard they're strange) - but will hand it to Calgary. :)

FILE_ID.DIZ
Meh

Re: Exceptions for such dual-purpose signs have been arranged.

I am always amused by gas prices and not in a good way.

I mean, yes - they need to charge relative to the price that they're going to pay the distributor, but how many delivery tankers does any one gas station receive on any given day?

I mean, does the price of the gas change while that delivery truck is in transit?

FILE_ID.DIZ
Thumb Down

FRA airport is very nearly in compliance with this law....

About time digital adverts got the same treatment - this time for light pollution. (Although really, was it necessary to order the NUC or Pi to be powered down due to the slipshod language of the law or perhaps not tie the power of the NUC or Pi to the power of the physical signage?)

For the last two or more decades, as homes around FRA encroached the airport (used to be nothing but fields nearby), eventually I suppose those homeowners forgot the reason why the land around the airport was cheap in the first place and started bitching that "hey, FRA is loud - let's shut it down" and the local government acquiesced.

Accordingly, with the exception of emergencies, FRA has been shut to all flights between 11PM and 5AM local for over a decade.

Of course - this is when freighters (think FedEx/UPS/AtlasAir/AmazonAir/DHL etc) typically perform their movements and FRA was Germany's most important international freight hub.

T-Mobile US and SpaceX hope to deliver phone service from space

FILE_ID.DIZ
Stop

Re: Really?

Presentation? I read the article. Either the article was lacking or you got hooked by the marketing wanks.

The very first paragraph of the article states -

"T-Mobile US and SpaceX have announced plans to use satellites in low Earth orbit [...] and perhaps globally using existing devices." Emphasis mine.

Who cares about the frequency or protocol. If it is phone is communicating with a satellite, then it is verboten in China.

Just like if you rent an Iridium phone, it does not work in Cuba, or Russia, or Afghanistan, or North Korea or in any other sanctioned countries. Or in countries like China where such technology is forbidden by local law.

Clearly it cannot be used anywhere in the world.

California to phase out internal combustion vehicles by 2035

FILE_ID.DIZ
Happy

Re: Not going to happen

Well, it is also a culture that the locals enthusiastically support as well.

Sure, the locals may have been/are drawn by the lack of automobiles, similar to how those who are "allergic to EMF" are drawn to the National Radio Quiet Zone, so there may be a bit of bias.

Page: