2345 posts • joined 10 Apr 2007
Sadly I don't know which of several very broken "Western" "democracies" (hahahahahaha) you could be talking about here. It could be any of a few, each of which are rapidly sharing more and more in common with dictatorial repression regimes.
Re: You already know what happens next...
There's a difference. Many home ISPs enforce that outgoing DNS requests are redirected to their servers and this is easily done by rewriting the unencrypted DNS requests (TCP/53) to change the remote server from, for example, 18.104.22.168 to whatever the ISP wants. DNSSec will detect this as a serious validation error due to certificate failures. This is substitution and is underhand and why DNSSec exists.
Some ISPs, for example BT, just reject DNS packets going to servers other than their own and replace every request with what is effectively a redirection to a site that has a holding page spouting marketing fluff about security. In some ways this is a good idea as it protects the unknowledgable from potentially very damanging DNS attacks but for the rest of us is intensely annoying as there is no way around it without using a VPN as it's not a configurable option.
Unless Privacy Shield becomes a legally binding commitment, with rights for non-US organisations and citizens to pursue offending US organisations in US courts with the same legal privilege as US organisations and citizens then it is useless. The exclusions for "almost any vaguely official US organisation" to the data rules don't help either.
Did you mean something as hard as:
Get-AppxPackage Microsoft.OneConnect | Remove-AppxPackage
...and what parts of the OS do these applets use to download files using HTTP/HTML protocols? These are not standalone applets and while some functionality works without a full UI browser much doesn't.
Re: Higher Power?
Some things just aren't uninstallable. Because Microsoft have decided that they are part of the Operating System - there is no genuine technical need for them to be included. These crap things include Edge, Cortana, XBox and various other random bits of tripe that are installed by default and unremovable.
Re: This isn't about porn
They are halfway there. Expect more, much more to come.
Luckily we have the EU to protect us from the UK gov's desire for thought and mind control. Oh dear...
No, no we can't. How would the Daily Hate operate without an article decrying the sexualisation of children (which is, of course, the EU's fault) next to lots of pictures of "celebrities" and their children on beaches.
Re: One third porn?
Technically if just the fleshy bits are porn, then as long as the image/video is not zoomed in too much then it's very unlikely that it will be 2/3 porn. For a video, is the measure per frame or overall? So would a 10 second blah, blah, blah, warning or advert at the beginning and/or end of an online video mean average out?
All this is a fine plan. As long as I am able to use the personal details of my local member of parliament to "prove" that I am 18 or over. Unless they voted against this daft and useless legislation, however given the idiocy of party politics, doubtful.
...hard corn and violent porn
Re: For shame!
Are these things not left in phone boxes any more? Just asking because many phone boxes claim to have WiFi which might help with the streaming side...
Re: A powerful sense of dread
Meh. I'll reserve my hatred for every damn Operating System. Every one. They all have issues, they all do stupid things, they have crazy omissions, they all have stuff that I don't need therefore should be there :)
I'll use whatever OS is required for the task at hand, I'm not going to be blinkered by idealism. Unless one is talking about AmigaOS of course... :)
Re: Even when the audio works..
At last investigation, Skype uses three different dart boards. Sometimes these agree with each other, sometimes they don't. When they don't (which will happen on a previously working system before an important call) then Skype will operate in the most retarded, useless and uninformative manner and simultaneously tell the user that it's configured, testing, not working and not configured (no audio devices available).
I'm still amused how mine came out as "Rogan" once.
Re: Just the Tip of the ICEBorg*?
Any self respecting online Internet AI will make intentional "mistakes" otherwise we might think that they are a dog or, worse, a human.
Re: Just the Tip of the ICEBorg*?
What the bleep do SCADA systems have to do with ANYTHING discussed on El Reg?
You're new here and have just been trolled by El Reg's in house AI poster. We hope its an AI, because if it's not.. well... oh dear. Attempting to make sense of amanfrommars1's posts without the requisite amount of liquid inspiration will cause headaches. It will still cause headaches, but they pass quicker, given the appropriate dosage.
Re: Quis auditdiet ipsos Auditores?
"Who audits the Auditors ?"
The inquisition. Nobody expects them. Certainly not in Spain... :)
Re: Quis auditdiet ipsos Auditores?
I read it that he just got a copy of the data, in some form - it really didn't to be a native format, just an export, and took this offsite and uploaded it from a different system.
It's a classic case of data security vs usability - the only truly secure data is data that nobody can ever access, which really means data that you do not hold. Beyond this it's a balance of security risk vs usability.
This was data that had to be recorded, access to it was required and this access produced a certain level of risk. Morrison's responsibility is to reduce this risk to acceptable levels and beyond there is little more that they can do. Given that the previous case didn't highlight significant failures on Morrison's part it looks to be down to the individual in this case.
Re: You shouldn't be able to get to there from here.
It just needs the specific ports to the specific address / URL. And the same applies to bank access. There is no reason for a finance computer to ever need access to Google, BBC, ToR, Facebook or anything apart from a few dedicated, preferably hard-wired, connections. Ones that would be audited and under change control.
A nice thought, in principle. However with SSL, load balancers, CDNs and anti-DOS protection services it just doesn't, and can't work in practice.
Re: this is just the start of a very ugly battle for your home
How disappointingly true where what we, as in the ones not needing to be screwed over - both as users and likely given many commentards, implementors, need is simple, effective, reliable and secure standards.
Simple: Not some bastardised overkill of monstrous technology abuse which can only be implemented using a library with more code and dependencies that is sensible to use in a small device. No sensible device manufacturer is going to use something that requires a small computer just for simple functionality.
Effective: Tied in to simple, as in allows interoperability without complicated and unnecessary vendor and device specific exceptions. This would require effective standards which aren't controlled by single vendors.
Reliable: Also tied in to simple as in the simpler something is the less there is to go wrong with it. Multiple interacting state machines and vasy dependency trees don't make for reliable.
Secure: Appropriate security built in from the start, not tacked on as an afterthought - such security never works. Also ties into the above.
Re: major business software for Windows were made available for other OS
At one point in time MS spent a lot of time and money performing good user interface analysis and producing standards (for windows applications).
Unfortunately other parts of Microsoft just ignored these and bodged and hacked the "latest look" into the application, regardless of the OS it was running on, or just ignored it and did whatever they felt like because they felt they knew better - they never did. So a whole set of non-standard and sub-standard applications were released by Microsoft who produced these standards in order to avoid this mess. Genius.
Re: major business software for Windows were made available for other OS
Most major business SW that won't work on Wine on Linux or has no Linux or Apple versions is that way for stupid reasons.
Most of the software of this quality tends to struggle to work on Windows as well. At least reliably. Been there done, that, and I'm still amazed how developers manage to screw up things so badly that breathing on the operating system can bring down a separate app for no good reason whatsoever.
Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?
You're not going to get much processing out of anything at ~50nm in size. In this case there is a claim that a chip has been inserted and while it's small, it's going to be nowhere near ~50nm.
I am dubious mostly because of the speed and heat issues - in order to intercept and modify what is effectively cross bus information on the fly the intercepting chip needs to be rather fast otherwise the communication between components will be unreliable and a fast processing chip tends to generate heat. Put a generator of heat inbetween the substrates of a board and you're asking for (thermal) trouble.
Not impossible, of course, but rather unlikely. It's much more likely that a chip is inserted just on the board itself because this is going to be somewhat easier to achieve. Or alternatively to just modify the software that is on these devices in the first place - no physical trace at all then.
Re: Organic material?
There was an interesting demonstration how all you needed to create many organic molecules was some basic chemicals, a little pressure and lightning: https://www.newscientist.com/article/dn14966-volcanic-lightning-may-have-sparked-life-on-earth/
Re: If they can build it, someone will weaponize it.
A load of plasma hitting the satellite from a few metres will probably do terminal damage to the satellite anyway. They're well shielded, but not that well shielded - particularly the solar panels.
Re: Cant space lasers do this?
Yes, in theory. However given that they generally have to work by heating the material surface of the object to be de-orbited until some of it heats up and is ejected and though this providing a small opposite reacion. There are risks to this, becaues it could produce more debris, although admittetly hopefully in a very unstable orbit. However the downside is that without using an excessively powerful laser the beam because the object is almost certainly going to be rotating that applying enough energy in a certain spot for a long enough period of time is going to be very hard. Lasers can be used to provide motion through just the act of the photons hitting the object (external force), and this would be a more reliable and predictable method, however this is a very small effect compared to that of effectively turning the object into it's own fuel.
The plasma plan as listed here works through also being an external force and therefore not relying on the precise targetting required to turn the object itself into propellant and with luck shouldn't produce more debris - or at least should have a considerably lower risk of generating more debris. It will also be able to apply more external force in a shorter period of time compared to just a laser.
...and 100% of the IT literate people who know what they are on about know that AI is just marketing BS and at best what we'll get is human defined limited machine learning metrics, if that. So pretty much what any good monitoring software has been doing for years.
Of course money is important to Facebook. How does Facebook make money? Have anyone here, personally, paid any money to Facebook. They have huge storage, Internet connectivity, management and development overheads... where does the money for this come from?
- The (information stealing) apps and the cuts on the micro-payments within these.
- Advertising. This is very low income however when scaled out massively can still produce a good return, however untargetted advertising is nearly worthless.
- Profiling. Profiling trends in content and topics to sell to those who are interested. Ideally entirely anonymous, however then there's the temptation to link this to the advertising and feedback loops become possible.
Re: oh what a tangled 'web' we weave
I have never use the ridiculous "Facebook login" feature, nor the other brand alternatives, on any site. Nor would I allow a site that I own, manage or have any meaningful influence over to offer this choice either. Entrust your site security to a huge, anonymous, organisation based in a regime that has zero effective data protection laws? How about hell no?
Re: MOSFETs and clean rooms
Or electronically... storing emails or calendar items in the "Deleted Items" folder and then wondering why they can't find them later because they've been deleted (usually due to a centrally controlled purge).
I once had to physically demonstrate to one office manager the stupidity of storing things in a rubbish bin by shoving the contents off her desk into the bin under her desk and asking her if she expected them to still be there in the morning after the cleaners had been.
The lorry diesel pumps deliver fuel considerably faster than those intended for cars.
Sounds more like an update OS installation, but also, if I remember correctly, at this time Windows came preloaded with "suggested" ISPs depending on the region and these often installed some of their crap-ware by default.
Either that or the other agencies who are almost certainly doing/trying the same thing are either better at not getting caught, or have a little more influence over the "news" services so they don't get reported but the overseas "red" or "evil communist/dictatorship" ones are.
On the other hand, the UK is probably such a shambles that almost nothing useful or worthwhile happens, much like the government in general. Alternatively this could be a smokescreen... tin foil hats all round! :)
"Due to a lack of firmware updates, Samsung received criticism from original Galaxy users."
Ten years later and the update problem is still not solved. Yay, Android.
Luckily not all phone manufacturers are as bad at software as Samsung - generally great hardware but appalling software at every level. Seriously, Samsung Kies could win a prize as the worst bit of totally dysfunctional crap ever to have been vomited out of a huge technology and foisted on end users. The Samsung poor quality copy apps that get force loaded as "system apps" on every Samsung phone are no better either. Use Samsung mail or the Gmail? One barely works and is disgusting to use, and while the GMail app has its flaws it at least works, is functional and is updated. Which is the next problem with Samsung, and to a lesser extent a lot of the other manufacturers: Once a phone is released, pretending it no longer exists and/or is not updateable (for spurious reasons) after three months is not a useful "support" strategy.
Re: Debt = Bad
The other gem of the repackaging (and lying about) loans packages was that because the circle of loan packages was so obscured and front loaded (effectively a pyramid) the banks often found that they had underpinned their own package only to find it resold to them later. There were loan books with a nominal (pyramid/chain) value tens or more times the actual value of the underlying asset.
Re: Is it just me, or does SalesForce suck ass?
It's always been a reasonable system for managing pre-sales, after that point SalesForce starts to really show it's limitations. Yes, custom development can be put in along with all kinds of API led horrors, but in the end it's core business has always been about the pre-sales process. What people don't realise, until too late, is the limitations on the APIs and how it quickly gets very expensive but once an organisation has put the investment into it, it's hard to leave.
Very similar to a meme/joke I came across a while ago:
A programmers take on AI: A few more if statements have been added.
Fingerprint readers used like that are not MFA at all. A fingerprint is not a suitable replacement for a password. It's a rather good part of authentication when used either as the user ID, with a password as well, or in addition to a user ID and a password, but not in place of a password.
Seriously? Take potentially sensitive and/or personal data from within a business and send it, with no controls, to a regime that has zero effective data protection laws? No. Absolutely No.
It's why Cortana on a business desktop is utterly wrong, bordering on illegal, and really must be utterly disablable.
Re: This bit makes me queasy...
Is there any part of American society that does not have a $ value?
Ah. Oops. Oh dear. This could go wrong. Very wrong.
Re: Not a new technique...
While it's shocking to see sense deployed (particular in the US litigation centred economy) it's almost refreshing to see a change of heart and direction. Considering what I did to my Uni's systems, and these days I've have been booted out and given a cyber-criminal record as a "reward", and that the prison system is meant to reform individuals this is pretty much a very sensible outcome. One wouldn't want to encourage people to commit crimes in order to get jobs, but at least these days there is a growing sub-industry in white-hat vulnerability researchers. This white-hat industry is not going to go away and while the aim should to be to remove the need for it at all but, being realistic, it's a new industry and it's here and will only grow. Welcome to the new age of gamekeepers.
Sssssh. You're talking sense. Stop it at once before you scare them and they have to retreat to their "safe zone" or whatever the hell it's called today.
Re: "How the security department manages the human factor "
In the hospital's IT department's defence, it's because it's seen as easier (and safer!) to slash IT budget compared to reducing layers of management, particularly as trusts can't do anything about having been screwed over by the entire PFI business nor the hugel reduced amount of central government funding they get.
Maybe bible belt thinking?
Re: Not wishing to trust Big Gov, but--
You can indeed vote the media out: you stop consuming their products and they go bankrupt.
Unfortunately the Daily Mail group (owners, etc) are not yet bankrupt however the Stop Funding Hate campaign group has made enough of a difference that the DM group have started smear and disinformation campaigns. Which the Stop Funding Hate have published of course...
Re: Perhaps instead
Rudd spending her time usefully. The mind boggles.
Holding her breath so she doesn't steal oxygen?
Don't forget the sudden addition of a largely pointless security-theatre other factor auth scheme which requires a mobile device and an application that requires far, far too many privileges for the trivial job of smoke and mirrors. Apparently it makes the account more secure, however given that there is no way to guarantee the providence of the mobile device and the setup of it, it just makes it annoying instead.
Or just possibly that our ancient ancestors (maybe) were a bit bored and had nothing better to do. They didn't have enough language skills to make up religion, so doodled instead. Any similarity between this and modern office meetings is purely coincidental of course.