* Posts by Christian Berger

4850 publicly visible posts • joined 9 Mar 2007

Microsoft LOVES YOU: Free Wi-Fi on the British railways for a month

Christian Berger

Re: What I don't understand...

Sorry, didn't know that. Thanks.

Christian Berger

What I don't understand...

Windows has supported network access to their operating systems since Windows 2000 Server. Their RDP is actually fairly good and I've seen it running over ISDN at usable speeds....

Why go through all the hassle with "Cloud-based Office" when you can just remotely log into your desktop computer. (Of course you need a VPN and all that, but come on, that's not hard to do)

Are the PCs all getting a bit old at your office? You're not alone

Christian Berger

Re: Can't remember the last time I saw a corporate laptop

Well from what I've seen a Medion would be worse value for money as their cases won't survive being used as a doorstop. It would just disintegrate after the warranty runs out.

Spanish Linux group files antitrust complaint against Microsoft

Christian Berger

It's a much bigger issue actually

I mean think about mobile phones, once the support from the manufacturer runs out they become worthless and dangerous as you won't get any security updates.

We should start mandating open interfaces between the hardware and the operating system (e.g. BIOS) so we can continue to use those computers longer just like we do with PCs today.

Christian Berger

Re: As is said in church...

"If I had a house with a top of the range burglar alarm system,"

And that's where your argument falls apart. "Secure Boot" only provides security in name. It doesn't solve any existing problem. Virtually no malware goes through the boot process today. It used to be a problem way back in the age of Parity Boot B. Today it is much easier to exploit Flash or Java holes. Tomorrow people might exploit bugs in UEFI, but once you are able to change the boot process, you are already root and can do anything you like on that system.

Are you in charge of a lot of biz computers? Got Java on them?

Christian Berger

BTW, if you are looking for something for local GUI applications try Lazarus

Lazarus is a Delphi clone without the pain of Delphi. It's platform independent and you can design your forms graphically or algorithmically (in any combination). It even has a nice system to automatically resize forms in a sensible way. (just like what you are used to from modern GUI toolkits)

Seriously I could understand someone making the error of choosing Java back in the 1990s. It was popular and supported. It even looked as if it could become a universal standard for binary executables, a bit like what ASCII was for text. Now it's essentially dead.

.net however seems like the benchmark for bad business decisions. It's _less_ portable than native win32 applications and has a noticeable performance impact. It's also harder to deploy than win32 applications, and there are literally thousands of better solutions, from old Visual Basic versions to OOPascal and probably even TCL/Tk.

Christian Berger

Good luck

Good luck in 10 years when you'll have serious problems finding hardware that still supports running some .net runtime environment.

Google turns South African schools into White Spaces

Christian Berger

Such things are done by many people

For example there's the Freifunk movement which tries to bring Internet to areas previously not catered for.

Actually plain WLAN is quite suitable for such projects if you can work with small cells or meshed networks. You can even move to 5.6 GHz and directional antennas for "back haul" links.

The great advantage of WLAN is that you need no special client equipment.

Christian Berger

Re: Google would be more successful here...

Well it's a buzzword. People like buzzwords. :)

Reg man goes time travelling at iconic observatory

Christian Berger

You don't "split" between GPS and atomic clock

The problem with GPS is that it's quite jittery. It's long term stable, but can have an error of up to 100ns in the short run...

What you typically do is to have a Hydrogen MASER combined with GPS, you use the time from GPS to slowly tune the MASER.

Alternatively if you can live with the jitter of an atomic clock, you can also tune that very slowly via GPS. Of course GPS receivers for time start at 100 Euros, while rubidium atomic clocks start at about 60 Euros. So just saying GPS and atomic clock doesn't say much. :)

For example my setup at home is fairly simple. It's a budget GPS time receiver connected via serial port. It's not very precise but it gives the correct time to about a microsecond. I know you probably wonder how I can live with such an uncertainty, but people in Germany aren't particularly punctual. As long as you are here within the right second everything is alright.

Nokia deflates Google's video codec thought bubble

Christian Berger

So they are going to do an SCO?

I mean SCO used to be a well known company you could trust, just like Nokia.

Nanowires boost photovoltaics sunlight capture by 15X

Christian Berger

Re: Fantastic!!

Actually it's more like from 10-20% to 150-300%, still impressive :)

But seriously if we can only up the efficiency to, let's say 40% without increasing the costs for panels too much, it would probably mean that a lot more people could go (mostly) off grid.

Cop an eyeful of that: Moto bungs 5-megapixel cam into plod radio

Christian Berger

Well it is a "reimagination" of GSM. It's not very advanced technology wise. It's not meant to be. It's essentially combining the mindsets of GSM and trunk radio.

Maybe they should have looked at WLAN and made a sort of UHF narrow band WLAN running in AdHoc mode. If you add some sort of mesh routing protocol like B.A.T.M.A.N. you might be better off.

Christian Berger

Re: Secure enough

Well the "simple scanner" has evolved into a little USB SDR for less than scanners cost. And the Osmocom people are working on that. The low bandwidth and the absence of hopping make it an ideal target for SDRs. You can probably even just modify a radio to have a higher bandwidth and use SSB and a soundcard.

Just because it's a bit secure and your 10+++ year old receiver would have to be modified for it doesn't mean it can't be decoded easily with the proper equipment.

You are probably even the guy who claimed that doing operator side attacks to mobile phones is infeasible since base stations cost too much. Those problems are over by now. If there's a standard that's open and popular you will, after a relatively short time, find decent equipment to work with it.

Christian Berger

Re: TETRA is not a Motorola Standard, nor particularly secure

Most TETRA networks are unencrypted since setting up the keys is apparently not easy. So usually you can just use an SDR and sniff everything.

As far as encryption goes. Those standards are proprietary standards. It's unlikely they are any good.

Actually the main problem is key exchange. Maybe this could be solved by some sort of "bonking" either via NFC or audio. So you connect 2 devices and they'll exchange their keys, and you can then exchange other keys with other devices, creating a web of trust.

Reliant on Dell for PCs? Start looking around, says Gartner ball-gazer

Christian Berger

Hmm, markets probably split again

Let's look back 20 years. In the early 1990s a consumer might have bought a C64 or an Amiga while businesses bought "IBM-PCs" if they were small, or some sort of Unix or VMS system if they were large. (or maybe an AS400) If you were doing serious computation/engineering you'd have a Unix workstation.

Then those 4 markets converged onto the "IBM-PC" at its peak even running Windows for all purposes. Suddenly home computer owners got PCs, larger companies got PC-based servers and even engineers got PCs now often running Linux.

Those markets split again. Consumers who previously bought PCs now switch to tablets and other gaming devices. Businesses are content with what hardware they've got, and since they got enough hardware 3-7 years ago that's still useful, it'll take them a few more years to start buying again. And engineers, well that's a small market anyhow, but those increasingly get away from Windows to use Linux.

Christian Berger

Re: Errrrr....

A few years back they had a nice advertisement where they showed a VT100 (I think). Maybe they got lots of requests for Terminals so it makes sense to buy a terminal maker.

Movie, TV ads annoying? You ain't seen nothin' yet

Christian Berger

Re: Necessary Evil

Well there has never been a correlation between "good" TV and "expensive" TV.

Maybe a donation based model for television will work in the future.

Or perhaps we'll move on to some model where we all pay into Arts just like we already pay for science.

The TV-tax model actually isn't too bad, comparing it to the mixed model German public TV stations have, the BBC has a much broader range of topics. A multi-part prime time show about astronomy would be absolutely impossible here. Even shows like "Only Connect" or "Countdown" won't be done here, as it's far too niche. (We used to have "Countdown" in the early 1980s on an early commercial channel, but nobody remembers this.)

Finland a haven for vulnerable SCADA systems

Christian Berger

Re: Well that problem will soon be solved

Well it depends. There's currently a push for WLAN systems for industrial control. Done right this can be sensible and good.

Imagine you had security cameras sending their pictures via scp with public key authentication or some similar scheme; then WLAN is not much of a problem.

If you however have simple webserver based solutions without proper authentication, it is. You should always treat your LAN and your WLAN in particular as an insecure network which may break and be intercepted.

So if you have WLAN cameras which watch over an outside area which can be seen from the fence anyhow, this probably isn't much of a problem.

Christian Berger

Re: Well that problem will soon be solved

"I'd rather it not be installed in the first place."

Well DCOM is the backbone of many industrial automation systems. It's the base of OPC and is even used by some standards like PROFINET which combine DCOM with raw Ethernet packets... doing the signaling in DCOM and the data in raw packets, because... well... I'm glad I don't have to work in that area.

The big problem is that those people don't understand what they are doing. They have no idea why DCOM could be a bad idea. They have no idea why some complex standards like OPC-UA (using encrypted XML over SOAP with lots of complexity added in for what is essentially a pimped up key value store with messaging features) are a bad idea.

Christian Berger

Well that problem will soon be solved

Just google for "SCADA in the cloud" and yes, that's a real thing, and yes it will be implemented by people knowing less about security than an MCSE in the 1990s. There is also talk about using WLAN for such applications.

If we could just get SCADA security up to the level of non Win/Mac desktop security, we simply wouldn't have those problems. SCADA systems currently are hard enough to get running at all (ever gotten DCOM to run?) people rarely bother with security, as security means that there's another thing that can make it fail.

How to survive a UEFI BOOT-OF-DEATH on Samsung laptops

Christian Berger

Nobody was blaming Linux

Only some bad Reg Authors did. It was clear from the first day that this was a serious EFI problem.

Christian Berger

It actually does way more already

Outside of the user accessible modes of the CPU the BIOS also loads the "service mode" which contains parts for emulating legacy devices for USB, so your operating system without USB support can still use your USB keyboard and mouse. There are lots of things that work that way.

In principle a "smarter BIOS" might be good. For example OpenFirmware can do some useful things like architecture independent device drivers (stored as Forth source code on the ROM of the device).

The main problems with UEFI are that it doesn't have the flexibility of OpenFirmware and that it's a huge mess about the same size as the Linux kernel. (without device drivers in both cases)

Whatever happened to telepresence? From $2.5m deals to free iPad apps

Christian Berger

About Skype and Security

Microsoft just released its 2012 "Law Enforcement Requests Report"

http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx

As you can see, they not only have the relevant data of who skyped with whom, but they also disclose it to government. Sometimes they even disclose the actual data.

Skype may be good enough to discuss your terror plots with your friends. In a business going to a proper solution is however worth the 10 minutes it takes to set up an Asterisk server. (or the few minutes it takes to set up calling via IP-Addresses)

Christian Berger

Re: Cisco is the problem, Skype is good enough

"The routing may be all over the place, but as the stream is encrypted, why does that matter?"

Whenever you deal with encryption it is relevant who has the key. And with Skype, Skype has the key. That's why Skype offers to help governments eavesdrop on conversations. Get a packet log to Skype and prove you are the official governmental police official from Kyrgyzstan, and they'll happily decrypt it for you.

In fact since Skype is seen as a telco in many countries they even have to provide facilities for "Lawful Interception".

Christian Berger

If you want a budget audio-only solution that works use Mumble

Mumble is an open source audio conferencing software. It works kinda like IRC. You set up a server (or use one provided by one of the pirate parties or the CCC) and you have people connecting to it.

In a nutshell it sends all voice channels to everyone. It even has features to position the voices which is used for some computer games.

You can either use voice activity detection or you can use push to talk. If you use push to talk (which can be put onto any button you want) you can see who has pushed their button in the user list. That's a really important feature since there is no video.

Christian Berger

Re: Ditto to Skype

From a security perspective I'd not let Skype handle sensitive information. It's just not secure.... then again, those commercial solutions also have a very bad reputation when it comes to security.

What we'd really need would be a SIP-based video conference solution. Then you could take any client, and you could even encrypt it or run it on your own VPN if you wanted.

Google adds validation to DNSSEC

Christian Berger

The main uses for messing with DNS are of course...

censorship and advertisements. There are a lot of ISPs who mess with DNS for failed requests and tell it to point to their own server which then serves ads.

Furthermore many internet censorship plans mess with DNS in order to divert certain sites to a "warning" site.

Crack Bombe squad dismantles Reg encryption in an hour

Christian Berger

This wouldn't be feasible in Germany

In Germany we are in general fairly anti-militaristic, at least by now. I think it comes with realizing what a bad idea WWII was. (surprisingly this is a realization which apparently only arose in the 1960s)

Plus the hacker community had some really bad experiences with the secret service community. The movie "23" is after all based on a true story. (with quite some artistic liberties of course)

So in Germany the 'bright minds' don't join such services. It just feels wrong to them here. That's just how we tick.

BTW This is actually how many Germans feel about the service sector :)

http://www.youtube.com/watch?v=LVYKwNQZCV8

Samsung's new co-CEO: 'Windows isn't selling very well'

Christian Berger

Re: It would be nice if the PC OEMs learn something from this

Well actually today most PC OEMs support multiple operating systems. At least outside of the consumer business.

You'd not be able to ship a lot of servers if they couldn't run Linux and *BSD. If you sell to universities offering support for their flavour of Linux is essential as many departments depend on it.

Offering a choice of different operating systems was one of the design principles behind the IBM PC. That's why it loads the bootloader off the harddisk. That's why it offers multiple kinds of hardware abstraction layers. Without any special drivers you can find out what kind of graphics card you have, you can even use it via the VESA interface. You can access your harddisk, your mouse. It's enough to find out what hardware you have and what drivers you need. I can just plop an old version of OS/2 onto new hardware and there would be a decent chance it would just run, just as well as I could develop an operating system on my PC and it would just run on anybody else's PC without any changes.

In the mobile world however there are no common platforms or standards. Sure you can port Linux to most of those by now, but the image for my phone won't run on another model. Everything needs to be ported to every device. This makes it so hard to separate the software business from the hardware business in that area. It's all like in the home computer age. An Amiga and a Mac weren't all that different hardware wise, but you couldn't run the same software on them. (There were however Atari 'emulators' running on one of them as far as I can remember)

The result was that each of those computers was its own platform. The result was that software development was lumping along. Each idea had to be re-implemented again on each platform to get some traction. Ideas only popping up on one platform (something not too uncommon back then) either kept that platform going (think of the Atari and MIDI) or disappeared with it.

There was one early platform which tried to be hardware agnostic in the home computer age and that was CP/M. Porting it to a new machine meant writing a BIOS for it, and patching one word for the size of RAM you had. (yes that's weird) We are kinda there with Android now, only that the hardware drivers are in the Linux kernel and not inside the flash. Also there's no way to find out what hardware you have inside your device.

The reason for all of this is of course stupid company politics. Of course once a common hardware platform emerges it'll take over all the rest, just like the PC did.

Microsoft Surface Pro sales CANNIBALIZING Surface RT

Christian Berger

They would have a simple way to boost sales...

Sell the Surface without Secure Boot and operating system, so the user can install whatever operating system they want. I mean there probably are a lot of solutions where you just need a "device" which will run exactly one piece of software in Autostart. Doing this with any older version of Windows or Linux or whatever is trivial. And even at the current prices, it is very competitive to custom devices.

Watch out, office bods: A backdoor daemon lurks in HP LaserJets

Christian Berger

"Telnet is "unencrypted, insecure and out of place in 2013""

Well first of all, the interface probably doesn't run telnet. Telnet is more than just "terminal via TCP/IP", it actually defines ways to exchange capabilities of the terminals like line lengths, etc. This probably isn't done here.

Then such a simple protocol may not be the most current and hip way to do anything well defined, but this is a debugging aid. This essentially replaces a serial port on an internal pin header. There is nothing "out of place" there, it's just a sane and comfortable way of doing something.

The problem is, that this debug interface is turned on by default and apparently cannot be turned off. That's the problem here. If I pay for my printer, I want to be able to use any debug interface it has, and even flash it with a new firmware whenever I choose to. I paid for the printer it's mine and I want to do whatever I see fit with it.

Ten pi-fect projects for your new Raspberry Pi

Christian Berger

Possibly Infobeamer

There's talk that Infobeamer, a minimalistic but powerful visualization package for Linux might run on the Pi.

It makes it really easy to do things like this here:

https://www.youtube.com/watch?v=LMHMV3hlTLk

Modder hacks SimCity for unlimited offline play

Christian Berger

It always sounded like an excuse

I mean sure, hypothetically you could have more processing power "in the cloud", but then the problem becomes bandwidth. What's the use calculating a problem in a second on a server when the data transfer takes a minute?

Besides Sim City probably doesn't need too much CPU power. Sure it's complex with many things to consider, but in the end it's probably no more than many vector operations. Considering that today's computers can easily work with video in real time and even do things like motion estimation with it, a game like Sim City seems perfectly able to run on a normal PC.

Infinite loop: the Sinclair ZX Microdrive story

Christian Berger

Re: What happened to the innovation of the 80's

Probably, although even by 1980s standards this wasn't particularly innovative. Back then there were already systems like the LINC/DEC-tape, which provided random access with ridiculously simple drives. Those drives didn't even have a capstan. The system was designed so tape speeds were largely irrelevant after it was formatted at a controlled one.

BYOD: Bring Your Own Device - or Bring Your Own Disaster?

Christian Berger

Re: It will be a worse disaster than the PC age

How do I change the key? Where is the key stored? Is it actually implemented?

If the key is installed on the device itself, it's useless since you can just read it out.

Christian Berger

It will be a worse disaster than the PC age

Today's mobile platforms are at a 1990s security level. The threats they were designed to be secure against were threats against the business models of operators, hardware manufacturers and app-developers. The security of the data of the user never was a design criterion.

Plus we still don't know how a proper mobile system should look like. We are still years away from even basic safety measures like "full disk encryption".

Heck there are even systems out there where all the e-mail goes through a closed source gateway running with admin rights. And those are even the better ones as they claim to have some form of Flash encryption.

Then there's no sane way of updating your operating systems since the SoC manufacturers want the market to be fragmented so no single image can run on different models. So even if you had updates (which still need to go through the manufacturer) you'll still have next to no possibility to have a common patch level.

You can see what this means if you look back to old Unix, midrange or mainframe-based installations. Those don't need to worry about the text editor being exploited, mainly because the user only has limited rights, and all the data is stored centrally where backups are made regularly. It's much easier to manage the system that way as you only have a few systems to manage and they are just a few steps away in the server room.

Uni profs: Kids today could do with a bit of 'mind-crippling' COBOL

Christian Berger

Re: Revive Delphi!

Actually, it has been revived. There's an open source clone called "Lazarus" which has all the ugly things removed and platform independence added. It's great for GUI applications. At work we have made a little piece of software which compiles statically for Linux, win32 as well as MacOSX with only very minor changes. (MacOSX needs a few lines more to configure the language) It displays a time series of values and can do up to more than a million data points (then the RAM runs out) with 10 channels at decent speed. The display algorithm is fairly straightforward. There are no summaries made to speed it up. (would have meant a lot more code in our example)

The great thing was, that it was statically linked. So you just send the user a binary, he drops it onto his system and runs it. It just works. That's something .net will probably never be able to do since you'll always need the runtime environment.

Christian Berger

Re: Timescales?

COBOL was "good for another 10 years" for the last few decades. It simply is one of the technologies which are used in serious applications which won't go away. And since COBOL abstracts away the operating system to some degree, it's even portable. Just to contrast that, try porting a C program which stored integers in binary files from a 32-bit machine from 2000 to a 64-bit machine from 2010 if it wasn't explicitly using sized integers.

I know Java has been gaining some ground and for a while it looked like Java might become the new COBOL, but then Oracle killed it off with their famous "Java is not the new COBOL" statement.

So seriously, if you wanted to start a program which needs to be maintained for the next 30 years, you don't have much choice.

Microsoft exec selling his Surface tablet

Christian Berger

Re: I'm not a fan of the surface devices

Well though it's a small step when looked at from outside, but a huge step when you are part of the Windows crowd. Seriously, Windows RT was made deliberately bad. It's the first "Windows NT" that cannot execute Win32 software.

Here's the $4.99 utility that might just have saved Windows 8

Christian Berger

Missing the point

If you like Metro/Modern/whatever you install Windows 8, if you don't there are literally hundreds of alternatives. You can choose between dozens of multiple GUIs even on the Windows platform, plus you can switch to lots of other platforms. If you don't like it, don't buy it.

And if Microsoft wanted to do Windows 8 differently, they would have done so.

Cheeky Boston fires up x86-to-ARM porting cloud for server apps

Christian Berger

Re: Uhm... if you have problems with porting from x86 to ARM...

Well the differences between x86 and amd64 are actually significant. C does not abstract away different word sizes so your code will behave a lot differently.

Christian Berger

Uhm... if you have problems with porting from x86 to ARM...

... you are probably seriously fucked up already. Of course C was never designed to be highly portable, different platforms have different integer sizes, often not even powers of 2 and that's not hidden by the language, if your software depends on those things so much it cannot just be re-compiled from x86 to ARM you probably shouldn't be in the business of software development.

Seriously from the C standpoint x86 and ARM are essentially identical, both are 32 bit, both have the same endianness, the only thing that's different are the OP-codes, which is precisely what C hides from the programmer.

Of course if you are using any higher level language that should even hide more of the differences making porting even easier.

Single IPv6 packet kills Kaspersky-protected PCs, fix emerges

Christian Berger

Re: IPv6?

Continuing to use IPv4 is not an option. For example in Germany most residential ISPs only hand out one IP address. You can use some ugly NAT hacks to kinda work with multiple computers, but that often fails.

Christian Berger

Companies trying to sell you security in a box...

...typically aren't very good at understanding security.

Christian Berger

Re: Why

"Because the majority of users just click on things."

If "just clicking on things" causes your computer to become compromised, it's not the fault of the user, it's the fault of the computer. Seriously, why do we have browsers _suggesting_ to execute an .exe file it just downloaded?

Malware-flingers can pwn your mobile with over-the-air updates

Christian Berger

Re: Baseband code is old, but...

Well actually they do change things to support new features and iron out bugs. Your shiny new LTE stick still has all the old GSM code for voice and CSCD in it. And that code can be used if the system decides to switch to GSM.

Christian Berger

Actually the cost for signalling attack hardware has now dropped to the cost of some cheap Motorola featurephone, about 15 Euros, or 70 Euros if you want to have the modification so you have better performance.

The USRP SDR based solutions or the ones based on actual BTSes are more expensive, but they enable you to do everything the network can do.

SimCity 3000

Christian Berger

Well the hardware could have done it

As evidenced by this real-time 3D animated scenery in broadcast quality here:

https://www.youtube.com/watch?v=O9aPPdnawhg

It's just that your average PC couldn't do it. :)

Germans Joyn in the operator-backed rival to Skype

Christian Berger

Joyn never was a good idea

It always was a feature only wanted by operators so they could still have a strong grip on the user. After all if you changed your mobile phone number you also would change your Joyn "handle".

They hope that it'll be just like SMS. First it's free, then they can charge you through the nose.