Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

Dems fightin' words! FCC's net neutrality murder plot torn apart

Charles 9

Re: Huzzah

But that brings up the subject of "bullhorning," where one uses his or her freedom of speech to drown out everyone else's. That's why we have the "Fire in a Crowded Theater" test for rights that otherwise have no restrictions (none are explicitly listed in the 1st Amendment): there is ALWAYS the implicit restriction that one's rights can't be used to suppress the rights of others.

Charles 9

Re: "Taking direction from president Trump"

But corporations ARE citizens, remember? By Act and by Supreme Court rulings. The trouble is what happens when the rights of two citizens clash? Since rights are involved, majority rule can't apply (because otherwise you have Tyranny of the Majority), but sometimes the argument can't have a winner because SOMEONE's going to get shafted (like trying to dodge Tyranny of the Majority only to get Tyranny of the Minority instead with no middle ground).

Hotspot Shield VPN throws your privacy in the fire, injects ads, JS into browsers – claim

Charles 9

But if you assume full DTA mode, isn't it prudent to assume ANY server hosting provider would have the capacity to snoop on your session, no matter how it's set up, simply because it's the host and happens to control a point outside the encryption envelope? That not even countries with privacy protections written into the law can be considered safe (because they may engage in extrajudicial activity on the sly)?

IOW, if you must assume DTA mode, wouldn't your best bet be to simply get off the Internet altogether?

No chips for you! Toshiba takes flash off the menu for WDC

Charles 9

But WD is countering that Toshiba slammed the door in their face...five minutes early, just because they were walking up, even though they hold a contract with both their names on it.

Charles 9

NOTHING'S clear if a litigant doesn't want it to be. Lawyers could argue the meanings of Newspeak words (read: as objective and concise as possible) if they felt it gave their client an edge. They'll argue no means yes, buy means sell, that the butter is blue, and say it with absolute confidence and a straight face.

Charles 9

Re: Try a new approach

"And Toshiba don't want to sell to "anyone", as this includes Chinese or allied companies and Toshiba (or their government) don't want to transfer technology in that direction."

Except an acceptable offer has already been made: by a consortium that has the blessing (and backing) of the Japanese government. If Toshiba were allowed to take the offer, everything can stay home and they can wind down more at peace. But WDC sued to block the offer because they want in.

Charles 9

Re: Try a new approach

The problem with your idea is that in that case neither company was on the ropes. Toshiba figures it's fighting for its continued existence, meaning no holds are barred. That's why the fight with WDC is so ugly; Toshiba figures ANY move by WDC is just an inroad to a buyout, and Toshiba would prefer anyone else to buy them.

UK IBMers lose crucial battle in pension row

Charles 9

Re: Pot in a hat.

Then how do you deal with inflation which constantly devalues mattress money?

Charles 9

Re: It's not funny.

Thing is, breaking a promise where money is involved usually has legal repercussions, as that typically can get sued or even charged as Breach of Contract.

Internet's backroom boffins' big brainwave: Put people first in future

Charles 9

Re: sometimes you need a very simple clear rule like this to stop the BS explosion

They could just stick with what's already there and just build on top of it. Consider Facebook, Google, and many of the Internet giants who are big enough to create and actually have their own internal networks. These companies probably have the power to go it alone.

Charles 9

Re: sometimes you need a very simple clear rule like this to stop the BS explosion

The thing is, it's not the end users who plunk down for the infrastructure. If commercial interests feel they're being ignored or slighted, they could retaliate by ignoring the IETF and going it alone. Unless the IETF has the backing of law, say by imposing fines or barring access, they have no power to stop a unilateral action like that.

To truly stay anonymous online, make sure your writing is as dull as the dullest conference call you can imagine

Charles 9

How about just saying everything anonymous in a language designed to not be stylistic, like Newspeak?

No vulns. No hardwired passwords. Patchable. Congress dreams of IoT: Impossible Online Tech

Charles 9

Re: @AC ... @Gene Cash

And as long as (inherently error-prone) humans have to interact with it in some way, shape, or form (and humans BUILD the things), security will never be 100%

Ergo, you can't have a system at all. In economics, it's like the demand being disconnected from the supply: their graphs never intersect, meaning the market cannot be fulfilled.

Charles 9

Re: @Gene Cash

You speak as if the two are mutually exclusive. What if they're not?

Charles 9

Re: "must not have any known security vulnerabilities, must have the ability to be patched"

"Is any software ever free of all potential security vulnerabilities?"

Formally proven software?

In the red corner: Malware-breeding AI. And in the blue corner: The AI trying to stop it

Charles 9

Re: So it's Core War played with "real" virtual processors between machines

I believe you mean combinatorial explosion. For a while, I was thinking Traveling Salesman when you mentioned it, but perhaps Sudoku, Chess, and maybe Go are better examples. Basically, the complexity increases on an extreme scale—geometric or factorial, say—for each step up. Easy to see why we probably won't see an 8-instruction optimizer except for maybe RISC instruction sets.

Charles 9

Re: Maybe

It's not supposed to. The next step would be to create a less-obvious Ostrichization, then to detect it, then to make it less detectable, and so on, until either they can't Ostrich it any better or they beat the noise floor, by which point the detector would fail on account of false positives.

Sorry, psycho bosses, it's not OK to keylog your employees

Charles 9

Re: Above the law?

Unless, of course, there's an exemption under that particular country's law. For example, there are working agreements between countries concerning embassies.

Charles 9

Re: This seems similar to the global snooping (encryption) issue.

In the US, we call the principle "Fruit of the Poisoned Tree". If evidence was obtained illegally, then ANY subsequent evidence that the one piece led to must be thrown out as well. Meaning, if the tainted evidence was the linchpin of your case, you just lost your case. Now, if you have other evidence to present, you can still present it, but because juries cannot UN-learn something they weren't supposed to learn (thus creating uncorrectable bias and thus tainting the entire jury), illegal evidence can present grounds for a mistrial.

Dirty carbon nanotubes offer telcos chance at secure quantum comms

Charles 9

Re: What happens when you amplify this photon

Those optical amplifiers IIRC also don't work at the quantum level. Meaning the copy photons emitted don't carry the same quantum properties as the original, spoiling your effort as it's those quantum properties that are the key to reading the message, and as best as I can tell, there is (1) no way to detect those quantum properties without absorbing the photon first, and (2) you can only detect one set of properties or another, meaning you have a 50/50 chance of getting nothing at all unless you already know the way it's coming in (a shared secret).

Charles 9

The article seems incomplete. After all, what's to stop Eve emitting a new proton to Bob to replace the one she read?

Apple removes VPN apps in China as Russia's Putin puts in the boot with VPN banlaw

Charles 9

Re: How far will this go ???

Why not give some examples, then? Because although you may be within the confines of SOME laws, you may find yourself running afoul of OTHER laws.

Charles 9

Re: The danger of the "app stores"....

China has nearly two billion people. Morals have a price, and to a business, that price can be too high, especially when you have investors to please (remember, Apple is publicly traded).

Charles 9

Re: Great

Probably. Just assume they're trying to wipe out all unsanctioned encryption wholesale. Once they do that, they'll be working on stego sanitizers next.

Charles 9

Re: The future is almost here

IOW, a Stateful Internet. I'm surprised they haven't taken that step yet.

Charles 9

Re: The danger of the "app stores"....

Uber's trying to wade into legal gray areas. However, in doing so so boldly, they're going to make the courts and legislatures start turning those gray areas black-and-white.

Charles 9

Re: And how would this be enforced in the west?

They will if they risk being charged with terrorism or worse. As for packet inspection, if all unsanctioned encryption is banned, then they just have to inspect anything they can't parse or decrypt. Most Web content can then be sanitized to reduce the odds and rate of stego.

Charles 9

Re: And businesses?

Then they must entrust the State with access to their data or they don't operate in the country, period. No unsanctioned encryption will soon be the rule with treason charges against those who try to get around it with things like steganography (which they'll sanitize to minimize).

AI quickly cooks malware that AV software can't spot

Charles 9

Re: Neural net they say. Connect my brain to the cloud they say.

As long as humans are involved, you can't have 100% security and privacy even WITHOUT the cloud. You have to take a risk at SOME point.

Charles 9

Re: AI now, metal-based life forms soon

Is there a way to prove your claim that AI will always have intractable blind spots?

Charles 9

"Start with something legitimate. Make small changes. Small changes can fool AV engines. But if the AV engine were white-listing the legitimate code than those small changes should fool the white-listing. And if you weren't counting on white-listing why bother to start with legitimate-looking code in the first place?"

Perhaps they're trying something akin to Return-Oriented Programming which can use whitelisted programs to wreak havoc.

Charles 9

Or they're "gestfaults" (gestalt faults--worse than the sum of their parts) that involve how different pieces of code interact with each other. Each piece works fine on its own, but the bug ONLY appears when they're together, so it's very difficult to spot.

Charles 9

While the really, REALLY smart ones get those on "The List" to vouch for them. Or manage to steal the credentials of someone on "The List" and pose as them. That's why even whitelists aren't perfect (think Return-Oriented Programming which relies on pieces of whitelisted code to work).

NAND that's that... Flash chip industry worth twice disk drive biz

Charles 9

No one's arguing SSD will eventually supplant rust. The question is when. Like you said, new flash foundries are going up, but they're not online yet. Plus although there's essentially only one set of rust suppliers, it's well-experienced, mature, and established, meaning the incumbency and economies of scale factors are in play. And as any politician knows, it's very difficult to unseat an incumbent, especially a popular one.

Charles 9

And it doesn't take consumer backup needs into consideration, as tape at this stage is only economical at relatively large scale, meaning it's only suitable for enterprises. Which is why most tape drives expect server-class interfaces like SAS or FC. At the consumer end, the key metric is price against capacity, and here rust is still the winner. It's also still manageable if maintained on a semi-regular basis, say with at least a mirror and periodic rotation and replacement, with perhaps error coding added in to deal with the occasional bit rot. I wish there was a better solution to archive packrat activities, but tape got priced out of the consumer market a decade or two ago. So for now it's USB rust drives for me.

It took DEF CON hackers minutes to pwn these US voting machines

Charles 9

"True, but it's a lot more detectable than 100% computerized voting system."

I don't think so, not against a sufficiently-corrupted political machine. Think Venezuela levels...

Charles 9

Re: There's a fix for this

Plus there's the matter of doing it in a country of 350-million-plus people, not to mention their impatience regarding results, meaning it's not politically favorable to take your time.

Charles 9

But at that point, how can they be sure it's really their votes that were counted? It's not like a really good adversary would have two of everything, including voter rolls. Plus, there is an intractable voter problem: the conflict between two equal yet opposite needs, a free vote and a true vote. A free vote is required to be able to truly vote one's conscience, yet it prevents really being able to detect a covert swap outside of a "small enough that everyone intimately knows everyone else" village scenario. That can be prevented with a true vote, but that always raises the specter of voter pressure, preventing it being truly free.

Charles 9

Paper ballots can be stuffed and swapped by a sufficiently-resourced organization, like a political party or two.

Charles 9

Re: There's a fix for this

Two words: hanging chads. Punch cards and punch tapes are similar technologies.

Charles 9

Re: Why Electronic Voting?

Because then you have to trust the counters, meaning (corruptible, even in opposition--as a cartel) people.

Dark web doesn't exist, says Tor's Dingledine. And folks use network for privacy, not crime

Charles 9

Re: He's right. The "dark net" doesn't exist!

Well, you know what they say about gestalts: more than the sum of their parts.

Charles 9

Which could in turn be just a cover for a working quantum computer. Remember, black projects don't exist as far as the outside world is concerned.

Pre-order your early-bird pre-sale product today! (Oh did we mention the shipping date has slipped AGAIN?)

Charles 9

Re: Relevant Thunderf00t videos

Even if they're forced to wear clothes with NO POCKETS in them and can't wear lanyards for safety reasons?

Charles 9

Re: Kickstarter's about 99.995% bad

My one Kickstarter was for the Carmageddon reboot. A touch late, but at least they delivered. Helped it was a very popular franchise in its heyday.

Inside the ongoing fight to stamp out govt-grade Android spyware

Charles 9

Re: Legit purposes?

Even the Constitution is just ink on a page. Someone determined enough and with enough power can just ignore the law, wipe out anyone who dares interfere, and replace them with sympathizers. Sure, President Trump's running into resistance right now, but how much longer before things REALLY come to a head, perhaps resulting in a Second Civil War?

Firefox doesn't need to be No 1 – and that's OK, 'cos it's falling off a cliff

Charles 9

Re: IMO It is an engineering fault for their failure...

Unless they INTENTIONALLY pack the feature AND security update together and force you to take it or leave it, part and parcel.

Charles 9

Re: No. Just no

I call bollocks ON the bollocks because I can surf to the exact same sites you describe, simultaneously with multiple tabs, and not get a hitch, and I only have 8GB versus your 12. And I just double-checked my Task Manager. Between all its processes (foreground and background), it's only using about 500MB with all the jazz open.

Facebook's freebie for poor people under fire again

Charles 9

Re: yet another symbolic gesture

"Zuck: Do something that will help SOLVE the problem, and STOP rewarding people for their unlucky circumstance in life. There is NO virtue in poverty. So DO NOT REWARD IT! And if you want to SOLVE it, CREATE JOBS!"

Create jobs that aren't needed? That involves labor costs that raise the price of their products which in turn raise prices at the consumer end which can in turn lead to the product being undercut by someone less scrupulous, leading to the "bleeding heart" going out of business and taking all their jobs with them (Brick-and-mortar retail market isn't exactly in good shape if you'll recall). Seems you can't win.

Charles 9

"That said, I think there are plenty of places that offer you free wifi, but only to look at the company's website. Does that infringe on net neutrality?"

Probably not, because they're confining you to an INTRAnet where external access is not expected.