* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

Thought your data was safe outside America after the Microsoft ruling? Think again

Charles 9

Re: WOW

"Store your data on kit which is under your control."

Unless you build your own kit from scratch including the chips, there's no way to ensure your data is really under your control. Just ONE is enough to break everything wider than open.

Now who owns their own personal chip foundry, eh?

Fears Windows code-signing changes will screw up QA process

Charles 9

Re: Can anyone explain

One nasty one was signed with Realtek's driver key. Guess what else uses that key? The bulk of computer sound drivers today. Revoke that key and users suddenly lose their sound. That's probably why it was used: too much collateral damage to revoke.

Now imagine if a total ownage malware was signed with the same key used to sign the Windows kernel...

It's holistic, dude: How to dodge the EU's £17m data regulation sting

Charles 9

Re: Four words

But like I said, that's not an option anymore. Now it's ALL or NOTHING.

Charles 9

Re: Four words

And the GDPR now requires you do it RIGHT. So now you're assailed from ALL THREE corners. Investors want it cheap for RoI, competition forces you to do it fast to avoid being beaten, and now the law forces you to do it right or get swamped by legal consequences.

IOW, "Pick any TWO" is not an option anymore. Now it's All or Nothing.

GitLab.com melts down after wrong directory deleted, backups fail

Charles 9

Re: Two Words - CHAOS MONKEY

But sometimes, you're not even allowed the ounce. What then?

Charles 9

That's if you can afford an instance or some other failover. Many CAN'T. Yes, it's stupid, but if you're stuck in the middle of the ocean with nothing but a piece of flotsam, what options do you have besides exhausting yourself treading water?

As said, breaking even is priority one because you're obligated to your investors first. If they don't agree with you about long-term investments, then again you're stuck because they can pull out, killing you BEFORE the disaster hits.

Charles 9

Re: Super! Great

"A big part of job interviewing from the view of the interviewee is figuring out if the company is one of those companies. If you do take the job then it probably means you need to do a better job researching companies or you need to increase your skills and experience so you don't have to work for those type of companies for long if at all."

Or it simply means you're out of options. If they're the ONLY opening, then as they say, "Any port in a storm."

Charles 9

Re: Two Words - CHAOS MONKEY

Right, but what if that's your ONLY unit?

Charles 9

Re: Backup is hard. Doesn't mean it should be ignored.

"People don't appreciate that failures are a wonderful learning experience."

Because in many people's personal experience, people who fail (at all) don't survive for very long.

Charles 9

Re: Super! Great

"Sounds to me like the failure is in the business model of the company. Those generally are the type of companies that are one recession or self created disaster away from administration."

That's why it's called living on the razor's edge. Where margins are close to zero all the time. You'd be surprised how many firms HAVE to live like this because they flip between profit and loss every month. You're floating in the ocean and you barely have the stamina to tread water. Sometimes, that's all you're dealt. All you can do is hope for shore or some flotsam.

Charles 9

Re: Super! Great

You're lucky to have the budget to do it. Many times, people only have ONE live system (all they can afford) which MUST remain up 24/7, so no way to do a test. No test system to try the restore on (and besides, it's different from the live system, so things can still mess up in actual settings), and no way to really test for emergencies because they depend on things that ONLY occur in real emergencies, such as power to not just the floor but the whole building going out (and perhaps next door as well, just to be sure something wasn't plugged in a jury-rig).

Charles 9

Re: Super! Great

Hasn't it been said you can't really practice for an emergency without an emergency, in which case Murphy will get you either way?

Human memory, or the lack of it, is the biggest security bug on the 'net

Charles 9

Re: Passwords; Diceware

They can pwn your smartphone. Plus what if you don't have one?

Charles 9

Re: Except the BLIND can't use images

And they're also easier for mules and machines to interpret, so you're making things simpler for the crackers; they just have to pretend they're blind.

Charles 9

Re: Different Memories

"More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts."

Except the BLIND can't use images, and the law requires sites accommodate the blind and other disabled.

Charles 9

Re: All websites are fundamentally insecure

They can still trace you by your IP, then trace you from that to your ISP. And there's no guarantee LEOs don't have ways to track you through relay chains. Remember that the Feds found a way to take down the owner of Silk Road, a TOR Onion site, so we know it's possible.

Charles 9

Re: Passwords; Diceware

But if you CAN'T use a password manager, say because you don't own the computers you use everyday?

Charles 9

Re: All websites are fundamentally insecure

Plus what if the miscreant decides to sully your image? They could post controversial materials, or worse, NSFW or even illegal stuff. Images are difficult to keep clean and very easy to tarnish.

Charles 9

Re: What about DISABLED people, though?

BLIND people CAN'T. That's why image-based CAPTCHAs get sites in trouble. The best systems kind of require full sensory acuity to work, but of course not all of us have that, so the law requires fallback methods...which miscreants can exploit by simply claiming to be blind and so on to get simpler puzzles.

Charles 9

Re: Try blaming the correct people next time.

"If someone cracks my El Reg password, about all they can do is make some silly and/or offensive comments in my username. I make those myself already, so I'm willing to accept that risk."

Or they could use it to post politically incorrect stuff and stain your reputation. Or worse, post CP links and get the attention of the law on you.

Charles 9

Re: Alternatively...

NO. It has to operate on untrusted airwaves and is MUCH easier to nick or hack.

Charles 9

Re: Humans are not wired for passwords...

What about DISABLED people, though? Visual puzzles are lost on the blind, audio puzzles lost on the deaf, yet sites are legally obligated to accommodate them.

Charles 9

Re: Bad humans ?

But what happens when your memory is SO bad that your recall instead produces "donkeyenginepaperclipwrong"?

Charles 9

Re: Bad humans ?

Maybe it's better to learn whether or not the problem at hand is even tractable.

Consider the First Contact problem. How can Alice and Bob prove their identities to each other if they've never met before? This is essentially the problem we face every time we register with a new site. We don't really know who runs the site, and the site doesn't know a thing about us.

The thing is, the First Contact problem is logically intractable. With no common point of reference, there's no way for Alice to prove she is Alice and not someone else posing as Alice. Not even Trent can help since Trent can be a double agent and has to be vetted himself, creating a Turtles All The Way Down conundrum. It's a Catch-22. You need common ground to create trust, but you need trust to create common ground.

That's why we can't seem to find a simple solution: because there's no solution full stop. We're just trying to make impersonation as hard as possible, but unfortunately we're stuck for the ride. Making things harder for the imposter makes things harder for US, and there's no way to unlink the two since the imposter's job is to BE us, essentially: right down to the DNA if they gotta. And inversely, easier for us is easier for the imposter. Worse yet, it seems the medium is UNhappy: not easy enough for us but not hard enough to thwart the imposter. So, basically, what now, especially when the public demands unicorn solutions?

Charles 9

Re: Alternatively...

Using a password manager requires a trusted computer. What if the only available computer is communal or the person travels a lot without benefit of a laptop?

Twin brothers. One went into space. The other didn't. NASA reveals how their bodies differ

Charles 9

But I think several of the divergent twins were female.

Charles 9

Not even that guarantees things. Some identical twins, living together in the same house and so on, diverged on sexual orientation. This raises plenty of questions on the whole "nature vs. nurture" debate since it suggests neither is a key factor and suggests a possible "wild card" factor that can't easily be isolated.

PS. As for the one not having a 'stache, one of them probably shaves.

Charles 9

Re: Other interesting areas for this are

Well, bone and muscle loss are likely due to an atrophy-like effect. Human bodies were built to be under the constant stress of gravity. Take that away, and stuff like that can naturally follow.

What's needed now is some kind of artificial gravity effect like an O'Neill cylinder to see if something like that can minimize the atrophy.

With net neutrality pretty much dead in the US, your privacy is next

Charles 9

Re: So what's next?

"alternatives DO exist. 'duck duck go'"

Duck Duck Go can't produce an alternative manufacturer's website out of thin air. ANY unofficial site WILL be laced with Bad Stuff.

Charles 9

Re: If I may...

Then all 12 starve because the scenario is that each needs one WHOLE coconut to last long enough for a ship to come, and they're SO starved that they need to eat NOW to survive that long.

It's basically a variant on the Cold Equations situation. Either some perish or ALL perish, with no third option available.

WTF is your problem, Netgear? Another hijack hole found in its routers

Charles 9

Trouble is, support is incomplete. Can't use it for my R7000, for example, because OpenWRT can't drive the wireless chips. It's an issue common with FOSS because wireless chips are fiercely guarded trade secrets owing to wireless patents and competition (Linux has similar WiFi issues).

What's the difference between you and a sea slug? When it comes to IT security, nothing

Charles 9

"Well whoopty-doo, cry me a river - no fucking thing in real life is ever guaranteed!"

But that's what the customers WANT, like it or not. So if you cry a river, they'll be happy to send you down it. Which would you rather have? Hundreds of false positives...or one false negative?

"Second, there is zero point in nagging me about things I cannot do a single damned thing about. If a website's certificate expires, can I fix it? NO!"

But it WOULD be prudent to, you know, NOT GO THERE.

"so John Smith won't care about hosting a botnet as it will not impact him at all"

Not impact him at all? What about stealing his information and using his identity to commit illegal activities, putting the law on him?

"there's only one thing I can do about that when it happens: cancel the dialog and continue about my business."

Oh? What about "Perhaps what you are about to do is stupid. DON'T DO IT!" Like I said, I'll take hundreds of false positives over one false negative because they only have to get through ONCE to make it Game Over.

Charles 9

Re: has anyone ever

No, the advertisers. If the clients aren't getting results, they can pressure the ad people and get their fees cut, since the clients tend to be bigger than the ad people and therefore will have access to better lawyers.

Charles 9

Re: has anyone ever

"99 times out of 100 being overlooked is exactly how advertising should be. If one view in ten thousand results in a sale then the ad is doing extremely well."

Nope, I hear it's LOSING them money, so they NEED a higher hit rate. Otherwise, their rates get forced down and they'll eventually end up in the red.

Charles 9

"If you get a warning about Windows malware and you're running Linux you do tend to dismiss it with contempt."

Until they start making multiplatform malware, meaning that Windows warning can have implications for Linux users, too.

Charles 9

Re: I was going to do something about this study, but...

"In other words, the world is full of people who are just not sysadmins. So why on Earth would anyone put the responsibility of computer security squarely in their hands? Recipe for failure much?"

Because with something as "personal" as a computer, you can't trust someone else to do it, either. That trust WILL (not MAY) be betrayed, so it becomes like the front door. You need to keep intruders out (and there are more of them due to the cyberspace angle), so people have to learn to do some hoop jumping if they want to keep their computer safe. It's unavoidable, much like house burglary.

Charles 9

"Each window has an unforgeable coloured titlebar so you can see what level of security it is operating at. The colours can be customized but only from the hypervisor --- nothing in the VM can alter the colour of that titlebar."

You bet your life? It's pretty certain someone will develop a VM escape (a red pill) at some point in the near future. After all, they developed sandbox escapes quickly enough.

Charles 9

Re: Not a lot of options here.

"What we really need to address is that users should never see security warnings, because they should be being protected by their operating environment from things going wrong in the first place."

EXCEPT that while you can TRY to make things FOOLproof (and likely fail, according to Douglas Adams), you simply CANNOT make something IDIOTproof. The difference being that fools will go off the beaten path on a whim while idiots will see the "Do Not Enter" sign and think, "Ooh, something COOL!" Basically, you just can't save some people from themselves; worse, these people tend to take others with them.

Axe net neutrality? Keep the set-top box lock-in? Easy as Pai: New FCC boss backs Big Cable

Charles 9

Re: Unfortunately for big cable, pretty soon they'll be swimming in competition

"Of course AT&T and Verizon aren't exactly loved, but I think Comcast and TWC are hated even more than cellular carriers."

Really? You should hear some of the gripes about service plans, transfer rates, and costs. Plus wireless has a sheer physical limit meaning they'll never be able to really compete with terrestrial services.

Charles 9

Re: Congress is supposed to make laws, not bureaucrats

Where it should belong is in the hands of people who at least KNOW what's going on. Being a bureau specifically dedicated to communications (the first C), I would think people in the FCC would be more aware of the nuances of today's communications infrastructure than a Congressperson.

Charles 9

Re: Is there an option to NOT have cable?

They make it economically impractical to just get one from them. Bundling is about the only way to save money on them, forcing you into the closest thing to a Hobson's Choice they can. And satellite's now a duopoly of DirecTV (now owned by AT&T, vertical integration's already starting) and Dish. You don't want to know their rates, plus using satellite for Internet's considered a last resort because of speed of light issues.

Charles 9

Re: "local franchising, zoning, permitting, and rights-of-way regulations."

What about points of entry? Each country only has a few, don't they?

Charles 9

Re: Adam Smith got there forst

"A true, laissez faire, 'everyone go out and make as much money as you can without restriction' is a good economic plan in the same way that 'everyone going out and driving as fast as they can without restriction' is a good traffic plan."

Well, for Darwinists, the idea is that the ones who survive the carnage learn the skills needed to barrel down twisted roads at 100mph without losing control and pass the techniques on to their kids and so on.

IOW, these are the kinds of people who would support culls.

Charles 9

Re: Is there an option to NOT have cable?

Most markets only have three, maybe four or five local channels to choose from. IF their antenna is good enough on a sunny day and they can aim it in the right direction and so on. Remember that the US is A LOT larger than the UK.

As for using Netflix or so on, that's a Catch-22. Most ISPs are ALSO TV providers and are either exclusive or have just one competitor who has an identical offer, so they get you either way. Take me. I basically have three choices: Cox, Verizon, and Charter. All three are total providers (TV, phone, and Internet) so are well aware of their clout.

The way I see it, the media companies realize they've got two years to wrest as much control from the government as they can so that there's no leverage for it to be taken back later on. Any bets on most of the spectrum in the US being permanently sold off?

Charles 9

Re: This is what you voted for with Trump.

Actually, there are ways to deal with rattlers. Main thing is you just gotta keep away from the sharp end. A little harder to wrestle a 10-foot American Alligator.

Charles 9

Re: Unfortunately for big cable, pretty soon they'll be swimming in competition

How do you shape encrypted traffic? Say going through an SSH tunnel or VPN?

Charles 9

Re: "local franchising, zoning, permitting, and rights-of-way regulations."

Per minute? Try per kilobyte, rounded up to the nearest kB per connection.

Charles 9

Re: This is what you voted for with Trump.

But I'd MUCH prefer iguanas to alligators.

Cyber-spying, leaking to meddle in foreign politics is the New Normal

Charles 9

Re: Will politicians learn from it?

Wasn't that precisely what the RSA attack was all about? And that was just an attack that got DETECTED.

Charles 9

Re: Attack of the Russian cyber bogeyman

"So the question is, when China decides to offload US Treasuries & UK Gilts, how long will these currencies exist until hyperinflation like we saw during the Weimar Republic, or will the UK see a repeat of 1976 with the Sterling Crisis and IMF loan."

It won't do much and China knows it, since most sovereign debt (at least in the US) is Internal (the biggest debt holder is the Treasury, at least double what China holds which isn't even 10%).