Meh, I wouldn't grant them a patent on the technique, some of us cam up with that idea as soon as we heard about QR codes.
And I've still *never* seen anyone use one.
Posts by David Hicks
1235 publicly visible posts • joined 22 Apr 2008
That square QR barcode on the poster? Check it's not a sticker
Stallman: Ubuntu spyware makes it JUST AS BAD as Windows
E-reader demand slumps, slapped down by slates
Thursday 6th December 2012 17:24 GMT
Re: No surprise
"Is the battery life really a bit deal for 99% of buyers..."
Err, yeah. Being a slave to the power socket with a tablet is far less fun than having a thing that just works for months at a time. You pick it up, press the button and start reading, even if you forgot about it for weeks.
I also find e-ink to be far kinder to my eyes than backlit displays.
Thursday 6th December 2012 15:38 GMT
People have ereades perhaps?
They've been out a while and (other than the backlight) is there much reason to upgrade?
That said I was thinking of getting my mum a kindle for Christmas, but someone above reminded me it's actually got some pretty big downsides - ebooks are often MORE expensive than the paper versions, which is ludicrous, and you can't borrow or lend them easily. So maybe not. Also she's only just got used to using 'the Google' (firefox) rather than 'the internet' (AOL) so introducing more tech to her life at this point might just be cruel...
Being responsible, creative and motivated means you aren’t
Operation Hunt the Hunter: Anonymous targets 'revenge porn' man
Wednesday 5th December 2012 14:33 GMT
Re: Good
"Actually not illegal UNLESS he explicitly said ... "
Wasn't saying it was illegal, the point of that post was that the guy is a worse arsehole than some of the other bottom-feeders that usually post these pics purely for titillatory purposes and not as a way to expose them to friends and family, or enable stalking.
There was some debate about the 'legal firm' trick as to whether it could be classified as extortion. Still not sure if that was the same guy, mind. And either way, legality is moot, the guy's a slug, which is an insult to slugs.
Tuesday 4th December 2012 14:55 GMT
Re: Legal situation
I was under the impression that release forms were more of a nicety than a necessity. Though if the site is US based it may fall foul of the necessity to keep records of the ages of the victims....
Meh, there's a whole mess in this area, evidently Senor Scumbag has managed to slither through the gaps well enough up until now.
Tuesday 4th December 2012 14:28 GMT
Re: Good
@Eguro
"Well I'm fairly sure that publishing photographs of (almost) any nature of a person without permission is in fact against the law."
I'm pretty sure it's not, I think that's your first problem. Especially of folks in public places. If the pictures were taken by the person uploading them (who therefore holds the copyrights) then the site has the right to publish and whoever is in the picture has no rights at all, particularly not to get the pics taken down.
If the uploader was just a recipient of the image and not the original photographer then it's possible that a DMCA takedown could be legally effective, and a civil suit could be prepared against the uploader.
The only time I think this sort of thing would become illegal in the criminal (rather than civil) sense would be if it could be shown to be harassment. IMHO, IANAL etc etc
Make no mistake - this guy is a class A scumsucker, I'm not defending him in the slightest, I just think you have a charmingly naive view of the protections offered to you by law :)
Tuesday 4th December 2012 14:18 GMT
Re: Good
"In essence, he is no more culpable than those sites that put up pics of nudists or public topless sunbathers as pr0n."
You know, except that whole linking it to facebook profiles, real life people, threats to link it to maps to allow stalking. You know all those things that make it far worse?
Not that I'm defending other sites that put up naturist or revenge pics, but they at least don't mix harassment in with their obscenity. I'm not sure if it was this guy but there was a site that hit the news recently that did much the same, and replied to any form of request for pictures to be removed with a link to another site claiming to be a legal firm who would issue the correct takedown for a low, low fee of only a couple of hundred dollars. Pretty damn despicable...
Clap Google, Amazon in irons to end tax shenanigans - MPs
Tuesday 4th December 2012 12:35 GMT
They have access to our market, and use our common infrastructure, morally they should be paying tax on their profits like everyone that runs a UK business is expected to. Basically, they're not paying the price of entry.
Even if everything they're doing is entirely legal, that does not itself mean it is moral. Seeking profit above all else, to the very edge of the law, is not inherently good or right. In countries where there are no environmental protection laws, is it moral for a company to maximise profit by just dumping its waste products into the nearest river?
Monday 3rd December 2012 22:42 GMT
Rubbish
Utter rubbish.
Sales taxes are regressive and hit the poor worst.
What's more you'll find that if you apply this to companies they'll coalesce into single legal entities to avoid selling things between each other, therefore avoiding absolutely all tax.
You've come up with an AWESOME formula for impoverishing the poor and middle classes.
Monday 3rd December 2012 17:44 GMT
Re: @Chris Miller RE: Stemcor
@Chris Miller
There's a third option - it can be shown that Amazon, Google and Starbucks are profitable in the UK but move profits abroad via various tax-avoiding means (this *is* the case), whereas Stemcor is genuinely having a hard time of it (I have no idea if that's the case).
I have no love for politicians of any stripe, but these allegations seem MIGHTY convenient to me. Totally agree it should be looked into, personally I think everything the politicos are into ought to be investigated, but I'm not convinced this is the same thing that the big multinationals are up to.
Monday 3rd December 2012 16:55 GMT
Re: Their obligations?
I love this argument - that everything right up to the edge of the law is somehow acceptable and 'right', completely ignoring any idea of social responsibility on the part of the people who make up these companies, who are supposed to be moral/ethical/sentient beings themselves.
Is it right that in countries with lax environmental regulation, that companies should just dump pollutants in the rivers? Or is it right we call them out for being immoral, exploitative and unethical?
Is it right and moral that companies use child labour and sweatshops in countries where that's allowed, in order to keep costs as low as possible so they can skim a slightly larger profit margin from selling the resulting goods to the west?
Me, I reserve the right to call the people running those types of companies (from my examples above) immoral and probably even evil, despite the fact that they're within all applicable laws.
By the way, I'm not trying to say the folks running Google, Amazon and Starbucks are evil, I'm just saying that the argument that companies are exempt from moral judgements over their actions is nonsense.
Monday 3rd December 2012 16:42 GMT
Re: But what about muh socialism?
@GotThumbs - "I think Amazon should say....Screw em and don't do business in those countries at all."
Awesome, because it would be far better for them just to up and leave rather than pay a percentage tax on their profits.
Do you understand what a PERCENTAGE tax on PROFITS is? Idiot.
Monday 3rd December 2012 16:26 GMT
@Chris Miller RE: Stemcor
This seems to be a red herring as Stemcor is UK based and reports a low level of profitability - 1% - in the last year on record. A turnover of billions doesn't mean a profit in the billions.
I'm not saying it shouldn't be looked into, it absolutely should and not least because a politician is involved, but this doesn't seem to me to be a game of shipping profits around to the most favourable place as is being played by amazon et al.
Dell launches Sputnik Linux Ultrabook
Thursday 29th November 2012 15:50 GMT
Re: They are giving the middle finger to microsoft at last!
I guess I never consider support beyond hardware failures, which should be the same, because as a competent software developer I support myself.
If they're going to start offering linux to consumers I can see it, but this is aimed at developers.
I'd still rather be able to buy one with no OS and no support contract.
Thursday 29th November 2012 15:23 GMT
Re: They are giving the middle finger to microsoft at last!
Economies of scale don't really apply to a situation where the hardware is the same but a different OS image is added. It's not going to add hundreds to the price to flash a slightly different image to the exact same hardware.
Now, I can see them wanting to recoup any development effort they put in by charging for it, fine, that could explain it just fine.
Still, don't hold your breath for Dell UK to get the picture. They flat-out refused to sell one of these without Windows when I enquired, and made no mention that they might be able to meet my requirements for an MS-free laptop in the near future.
Raspberry Pi daddy: Stroke your hardware at night, land a job easy
Thursday 29th November 2012 13:47 GMT
Re: Damn right
It depends what you mean by stand out.
Competently producing high-quality work to schedule is enough to stand out in a lot of places. Believe me, I've seen a *lot* of software shops that could vastly improve by having a few of these people on board. They may not be producing kernel device drivers or contributing to the Go runtime in their spare time, but they're head and shoulders above a lot of what you'll encounter in our industry.
Of course you want the device driver and Go folks if you can get them at a reasonable price, but these types are very few and far between.
Thursday 29th November 2012 10:54 GMT
Re: Damn right
I know plenty of folks making good money doing solid work at major corps, some of whom don't even have a computer at home. While I would look at enthusiasm and outside interest in a candidate without experience, not everyone that's good at the day job is obsessive about it at home too.
Maybe most of the best ones are, but not everyone can be the best and not everyone can hire the best, sometimes industry-average is fine.
TVShack O’Dwyer strikes deal to avoid US extradition
Wednesday 28th November 2012 17:33 GMT 
It's a trap!
El Reg needs an Admiral Akbar icon for this.
Next week we'll be reading about how surprised everyone was when he was arrested at the airport as soon as he cleared immigration.
This whole thing is a sham. If he committed an offence he did it here, in the UK, and should be charged under UK law. Same with that McKinnon fellow.
Annual reviews: It's high time we rid the world of this insanity
Wednesday 28th November 2012 13:19 GMT 
Contracting definitely has its appeal
I have a project. If I do the project on time and to a good standard we're done. Maybe I'll get another, maybe I won't, maybe I'll take it, maybe I won't. Maybe I'll raise my rates, maybe I won't.
But there's no bullshit appraisal based on management opinions. There's no writing down your useless goals for the year which are irrelevant a month later, never mind a year later when you have to try and twist what you actually did into a narrative that somehow supports what you said you were going to do, despite the fact those goals were discarded ages ago and you did an awesome job on whatever the hell else it was you were doing but somehow that might not count because it doesn't align with the agreed targets and anyway you haven't been engaging with the wider company and perhaps we can push for a little more leadership training in the next period and would you like to write an article for the staff news letter next month and by the way we've got an all-hands staff meeting this afternoon that's going to take three hours but be entirely content free because the visiting that exec has mastered the art of saying long strings of vaguely encouraging sounding words without conveying anything close to what might be considered a fact, factoid or piece of information in them......
Bugger all that for a lark.
Ten technology FAILS
Tuesday 27th November 2012 18:23 GMT
'I don't really need to pay £15 for a BD to just see better pore definition on some actors face'
Oh but High-Def is a *great* leveller.
You realise that the prettiest people that hollywood has to offer, even with all the makeup artists money can buy, still have bad skin and even the occasional lady-moustache.
Tuesday 27th November 2012 18:17 GMT
Re: Linux?
Yeah I know, "The Year of the Linux Desktop" perhaps deserves the fail tag. Though I'm not convinced that was ever anything but a taunt by the 'anti' side.
Linux is incredibly mainstream though. It's the most popular smartphone kernel, it's on a lot of wireless routers and other infrastructure, it's in your tv, it's running your ISP servers, it's on credit card terminals and it's in a hell of a lot of other places. You're quite likely to have more linux devices in your life than windows ones (unless you're a sysadmin!)
Perhaps we ought to change the ironic slanging to "next year will be the year of the GNOME desktop" ;)
/flame on!
Amazon's secret UK sales figures revealed by Parliamentary probe
Tuesday 27th November 2012 11:49 GMT
Re: Previously...
There are many side effects of taxing corporate profit rather than sales. In theory -
- Struggling, barely profitable companies get to keep employing people without having to worry about the extra tax/sales disincentive that would come about if your plan was put in place
- It encourages reinvestment into the business. Why pay tax on profits if you can plough much of it back in and make the company even better?
- It hits those that can pay (profitable companies) vs indiscriminately applying to people who may or may not be the best targets. As the other poster mentioned, VAT is regressive.
The theory breaks down when profits can just be spirited away though.
Tuesday 27th November 2012 10:59 GMT
LOL@Intellectual Property
'This is how EU entities pay for the use of Amazon’s technology and intellectual property, which is primarily developed in the US'
That might be an entertaining diversion if Amazon in the UK/EU/Wherever was an independent entity with a relationship to the parent something like a fanchisee, but that's not the situation is it?
Pong creator turns nose up at Nintendo Wii U
Monday 26th November 2012 14:11 GMT
Theoretically I should be able to pair a PS3 controller...
Could do that with my N900 and the emulators I ran on it. That and tv-out made for much Sonic related joy in various hotels I found myself stuck in.
I assume that I probably could do the same with my newer android phone, but it doesn't seem that easy.
Nickers nab Assassin's Creed cache in Benelux blag
Wii U 'has been JAILBROKEN' via legacy games, say homebrewers
Wednesday 21st November 2012 17:57 GMT
My Wii is jailbroken
Nintendo didn't seem to put anywhere near as much effort into stopping it as the other console makers, and I like that a lot.
I could load the homebrew channel to run non-approved software. Some nice team or other made a homebrew browser (I suppose we'd call it an app store now). I could run an isoloader so that I could play the games I bought and ripped from a drive - far faster than the optical drive and no messing about with disks. I could rip games to play on Dolphin on my PC.
I hope the U is fully broken before long, I might get one if I can do my own things with it.
'Rare for tech not to be involved in child abuse cases'
Wednesday 21st November 2012 14:56 GMT
I'm sure there is truth underpinning this report somewhere
I'm sure many concerned people were honestly horrified by what they found. I'm sure they put the report together as best they could and with as much honest gravity as they could. I'm sure that they did their best to convey the seriousness of the situation to those that could convert concern into action.
I'm also sure that in the past we've seen minor errors at multiple stages that have resulted in scores of kids being removed from loving homes. Tread carefully.
PGP Zimmermann teams with Navy SEALs, SAS techies in London
Wednesday 21st November 2012 13:36 GMT
Re: 3 questions
@Paranoid AC
Oh I see, you meant to be compliant with the law! Of course I considered the legal landscape - I was looking at ignoring it completely and rendering it ineffectual. I guess it comes down to whether you prefer compliance and legalit or security and maybe being imprisoned.
I mean, of course you can't have properly secure comms and comply with all the various laws, the laws are specifically designed to prevent real security. You only have to look at the UK where many standard TLS ciphersuites could be interpreted as being illegal because you can't provide the government with a decryption key afterwards.
I don't think it would be that hard to secure a persons audio comms using decent tech and a reasonable frontend. I don't think it would be that hard to do it in such a way as your comms are unbreakable, even to you (after the fact), but that doesn't mean you wouldn't get put in prison for using whatever I designed.
Usability, flexibility, whatever else are really no more difficult to overcome than the tech issues, IMHO. But you absolutely have to start with the absolute knowledge that you *cannot* have real comms security without the user taking some extra steps - for instance meeting, in person, the folks that they want to talk securely to and using something like NFC to perform a 'bump' certificate exchange/cosigning.
I'm not saying these guys are doing that or are even any good, mind, I haven't looked into it.
Wednesday 21st November 2012 12:59 GMT
Re: 3 questions
@kyza - Pls forgive density in this question...is this the equivalent of, or similar to, a one-time pad?
If this was directed at me....
OTPs are designed for encrypting smallish messages, and the pad itself must be exchanged between parties ahead of time. Generating and exchanging enough OTP data to carry on multiple phone conversations (you'd need a pad for each side) would be a hassle and you would have to top up your pad with face-to-face contact every so often.
OTPs also do not provide the protection of a proper authenticated encryption scheme, either. In the way they are typically used it's perfectly possible that a message could be altered in flight (say by a compromised router) if you make certain assumptions about the format of the underlying data. Using a GCM-like system protects against this. This weakness is something I thought of off the top of my head and I'm not even a crypto expert, just an interested amateur. I'm sure there are other weaknesses an expert could point out.
Wednesday 21st November 2012 11:59 GMT
Re: 3 questions
Re: Question 3, I'm not sure what you mean by 'Really Secure' but using standard encryption methods you can get to the point where it's basically impossible to decrypt things.
By 'standard methods' I mean a proper authenticated encryption* scheme, public/private identity verification using private trust infrastructure and an ECDHE style key exchange mechanism with frequent changes and disposal of session keys. Recent versions of TLS implemented in well-audited libraries will do a lot of this for you.
In the case of data streams created like this they cannot later be decrypted by anyone, including the original parties, as all the keys used to encrypt the data are long gone. Legal sanctions then become useless.
(*authenticated encryption does not mean encryption with RSA-style authentication, it means schemes like GCM)
Evildoers can now turn all sites on a Linux server into silent hell-pits
Wednesday 21st November 2012 11:46 GMT
Infection vector?
That's the more interesting part to me. Do we have a malicious employee? A remote exploit and then privilege escalation? Just some weak passwords?
The only time bad things happened to my public facing linux machine were during the time when it really shouldn't have been public facing and had horribly weak passwords. I was still half-way through adding kernel support for the platform, the root password was 'root' and root SSH access was allowed. Not that that's how they got in, first they gained access to the 'dave' user (password 'dave') and then spent quite some time guessing at root.
The eventual attempt at using their new-found power was full-on retarded though - they created a ramdisk (on a machine with 32Mb of RAM) and then tried to run a shoutcast binary, compiled for x86, on an experimental ARM box....
Ten Linux apps you must install
Tuesday 20th November 2012 13:58 GMT
Re: Normal people don't use Linux
I'll say here what I've said before - If you can't make one of the friendlier Linuxes work for you, and after days of struggling, then you have no right working in this industry.
It's really not that hard, and as much as you think you're showing us how broken linux is, you're really just exposing your incompetence. Which is why you've posted as AC no doubt. Wise, nobody I know would hire you after that admission.
Sony coaxes indie Vita, Android developers with $99 SDK
So you broke our encrypted files? Ha! They were DOUBLY encrypted
Thursday 15th November 2012 14:02 GMT
Re: If you encrypt something more than once...
@Arion -
Good point on the re-encryption. Must be that it just doesn't help when talking about double DES.
You're wrong about it being algorithmically secure, by the way, check wikipedia - there are three known attacks, one of which requires time equivalent to 2^39 - 2^40, quite a bit less than 2^56 brute force. From what I remember this may be down to a badly designed S-box.
Thursday 15th November 2012 11:37 GMT
Re: If you encrypt something more than once...
It's not a simple question.
I'm not sure that's really what's going on here - I think it's storing encrypted files remotely and transferring them over an encrypted link, meaning they can't be spied on in transit and the data is useless to anyone unauthorised anyway.
On the broader issue - it's already been said that it depends on the algorithm. Triple DES is an EDE mode where you single-DES encrypt with one key, decrypt with another then encrypt again with the first. The mathematical properties of DES are such that just encrypting twice with different keys (Double DES) doesn't help and may in fact be worse than just single DES.
It seems to be better to use a stronger algorithm like AES and a longer key length. In the appropriate (GCM type) mode of course
Fart-buster underpants selling well among Japanese salarymen
China strikes blow for property rights, British move to collectivism
Thursday 15th November 2012 11:46 GMT
'the desire to see a digital realm free of property rights or permissions'
*cough* *bullshit* *cough*
Western democracies have done exactly the opposite over the last two decades, giving in to the IP lobbies to allow ever more stuff to be 'protected' with bogus patents, to make DRM legally enforced, promote the abuse of copyright to kill grey markets, the list goes on.
Google stealthily coalesces UK music cloud into being
Thursday 15th November 2012 11:06 GMT
It's necessary
I'm glad it came here, because it's a very necessary service - when you're offering your flagship phones without SD slots and only 8-16GB of onboard storage, something had to give.
I still don't get why exactly they hate the Micro-SD slot, and why they don't add more capacity to their phones if they won't provide it, but at least with this you can access your music on the move. Still I reckon I'll be sticking to Galaxy, rather than Nexus, devices for the forseeable future.
Mobile phone sales slump bites Nokia
Thursday 15th November 2012 01:45 GMT
Re: Wow... so Samsung then
I am genuinely puzzled. Not annoyed but puzzled. What is the psychology of someone that gives me a downvote for an expression of surprise over some market share figures? I haven't showed favouritism to any one company, or even approval or disapproval of the figures compared to others. So why?
Many, many of the things I say on the internet are objectionable, partisan, foolish and stupid. This time I can see it. Are you, dear reader, the one that gave me the downvote? Could you explain? Genuinely befuzzled by that.
Biting the hand that feeds IT
