HSDPA promises up to 337.5 Mbit/sec but I rarely see more then about 1-2Mbit/sec on my phone.
So in reality is 4G going to give me something like 10Mbit?
5659 publicly visible posts • joined 15 Mar 2007
Not always - sometimes the premiums are so high (due to the risk - oddly enough) that companies decide to go without and make that gamble themselves. But usually though just for the first flight or two of a new design of rocket, etc, where the risk is high/unknown.
There is always the RedFox software tools to rip/bypass BD disk DRM and let you play what you bought as you want to.
Or simply wait for the 4k files to appear on some torrent, as they always do. Such a shame the movie studios seem not to realise that playing paid-for content should be the easiest and most pleasing experience of all.
You will never stop a SUFFICIENTLY determined and well funded advisory. But the current system is routinely screwed up by incompetence (here), or by a local CA being leaned upon or hacked by a government (see http://www.theregister.co.uk/2011/09/09/gmail_diginotar_security_alert/ for example).
It is a fundamental problem with the whole system. Basically it takes only 1 out of hundreds of CAs to issue a mistaken or malicious certificate and the chain of trust is broken. As such, it is not really anything you can trust at all. CA pinning is an attempt to reduce the scope of such failures, but it is a band-aid to the situation.
But then many folk just ignore browser warnings anyway :(
Exactly. The "a single smart hospital might use up to three terabytes of data per day" claim points to the fact they should have wired the place properly for most devices, and for those needing wireless has numerous low power access points.
Actually, lets revisit that last point - WTF should a life-critical device be doing depending on wireless that could be jammed easily for ill intent, or accidentally by someone’s broken phone they forgot to turn off?
"The fundamental problem is one of lack of trust combined with arguably excessive government authority, or at least power"
That is one of the big issues, the 2nd being simple incompetence or corruption. If you have the secret keys to everyone's private communications escrowed with every gov agency world wide who demands them, just how long until the well funded criminal gangs also find a copy?
So would we then see a special dispensation for the keys to gov ministers or leaders of big business? And would any of those politicians calling for this be willing to bet their own pension schemes on it not going wrong in practice?
Thought not...
"As a result, the core must be 100 percent verified as not permitting vulnerabilities or dual-purpose code"
That sounds very much like the old goal of a true micro-kernel where the ring-0 stuff is REALLY SIMPLE and thus possible to have near-perfect verification of it. I say near-perfect because you can't rule out buggy CPUs or tools, etc. For example:
http://www.theregister.co.uk/2014/07/28/aussie_droneprotecting_hackerdetecting_kernel_goes_open_source/
The past objection to the micro-kernel approach was the performance penalty of switching in/out of ring-0 to do serious stuff. That is why MS abandoned the pure vision of Dave Cutler original VMS inspired NT3.5 and stuffed video drivers in there, etc, for NT4 (and thus BSOD became a much bigger issue) and Linux never even went there. For a bit more on that debate:
http://www.cs.vu.nl/~ast/reliable-os/
How quaint, the idea that a facebook profile is actually valuable enough to pay to back it up!
Normally my advice is to delete your profile every year or so, create a fresh one with a new (disposable) email address, and then invite the few friends who were the least moronic posters from your last incarnation.
"Outlawing encryption would only disadvantage the law abiding and ignorant"
You mean the majority of people? Makes you wonder how much is to do with any real threat and how much to do with general economic espionage and allowing councils to spy on those putting rubbish in the wrong bins or sending kids to school outside of the catchment area.
"Microsoft didn't test German-language options properly?"
Remember this is the company where the OS (win7 is latest I have used) would allow you to change the language of the keyboard. Per application.
FFS! Who in their right mind thought "you know what, when someone using a German PC plugs in a UK keyboard and sets the keyboard mapping to match, lets make them do it for every fsking program they try to use, mkay?"
"Mocking, victim blaming and traditional unrestricted capitalism have all failed to win this war."
The thing is it is unwinnable, just like we still have home burglaries and cars stolen. And it won't get any better because nobody is working to reduce complexity and improve security in any meaningful way. Most of what we get in terms of new stuff is aimed at whoring us to advertisers (thank you MS for following Google) or selling us IoT tat that rarely adds real value but almost certainly adds to the attach surface.
Will we ever see security being held above convenience or fashion?
Custom hardware is an issue, but that is a fairly small sector for most people. Of course, if its RS232 or fairly standard USB then virtualisation is fine for all but very high performance applications.
Latest games - maybe, but are they really worth whoring out your privacy for? Thus sticking to Steam for Linux, for example, would also tell the games industry that you are not happy with MS' new direction.
There are now on-line guidelines to hardening various popular* OS for gov work here:
https://www.cesg.gov.uk/eud-guidance
Most of the advice is also sane for business users, etc, as well so worth taking 5 min to read it. And yes, they do have guidance for Ubuntu as well =>
[*] That includes Win10, which is not so popular in these parts due to the forced upgrade policy and telemetry. But of course the guide assumes you have the most expensive enterprise edition where you still get the right to disable most of that.
Sure the plods will simply target points "outside the envelope" but that takes significant effort to do so. For example hacking a phone, or installing listening devices in cars, etc.
All are possible and known spy/surveillance technologies and I don't worry too much about that because it is expensive and time-consuming to do, that alone means it has to be targeted at important stuff. A far cry from the abuse of easily intercepted stuff we see done by spy agencies, councils, border control, etc, etc.
Agreed, there should always be real evidence, not just a phone's contents (which could be planted if the phone is hacked or insecure by default). In Scotland there has always been (I'm simplifying a bit, and this might change though..) a requirement for corroborating evidence, i.e. a second aspect that is necessary for a trial to proceed, let alone to secure a conviction.
The problem with asking a policeman what they want is they will ask for whatever makes their job easier. That is basic human nature. And given most of them are honestly trying to solve crimes, they usually dismiss suggestions it can and will be misused because they (i.e. the one you are asking) is not planning on doing that.
Sadly though not all police are honest and trustworthy and once politicians are involved you are dealing with a proverbial moral slime-pit of self interest and dodgy dealings, and of course there are criminals out there as well.
That is why I am in favour of decent end-to-end encryption by default, everywhere, because you just can't trust people, of any profession or any reputation, to not fuck up deliberately or unintentionally and use whatever powers they have wrongly. They can already get the metadata of who talked to who, etc, and that should be enough for a proper investigation of the suspects in the old way of getting out there and gathering physical evidence.
And long before that we had ephemeris time (1952), and then TDT (1976), and then GPS from 1980 using continuous time with a leap-second offset rather like a time-zone.
As I keep saying IT IS A KNOWN FEATURE and if your code can't handle it gracefully you are incompetent due to either:
1) Not using tested system libraries to handle time, delays, etc.
2) Writing or modifying said libraries without knowing what you are doing.
And most of all NOT TESTING YOUR DAMN CODE! Really, just set up a fake NTP time server and have it generate leap seconds regularly backwards and forwards and see if your code works.
"Will people be ready for that one?"
Well the one that followed the aircraft-bothering incident went with practically no issues at all. Simply because folk had woken up and tested things for the inevitable occurrence of another leap-second.
In fact the Linux bug mentioned had been created by somebody modifying already-working time related code and not testing the damn thing for this situation. As others have already said, leap seconds and means to deal with them have been with us for decades already so its not new stuff. But every new generation of code monkeys seems to be able to break things...
"if you actually watch it"
Given the iPlayer is their own web site, why not just tie access to the TV licence?
You know, allow a couple of IP addresses or player ID strings, etc, per day from a given license and job done. Most UK broadband users will still be behind IPv4 NAT anyway so multiple devices in a home will appear as a single IP address.
Sadly yes, I also remember NT4/2000 fondly.
But the rot started with XP and "product activation" for me, the first sign that MS believed they controlled your PC and you now needed permission to repair/change hardware.
Really there is a need for new regulations to make sure that certain critical systems are simply not modifiable in any way via on board communications.
At one time the "emergency brake" had to be a physically separate mechanical system to deal with the possibility of hydraulic failure (in the days of single circuit brakes). That seems to have been relaxed but really now it seems there is a single point of failure in the on-board computer and that should not be allowed.
Same goes for power steering, so far my cars have only had independent hydraulic systems for that and the range of things that can go wrong, and go wrong suddenly are pretty low. I really don't want to change that.