* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

Antivirus tools are a useless box-ticking exercise says Google security chap

Charles 9

Re: If Only Google Could Get A Handle On Their Own Security Problems

"I'd like Android to give me a bit more info on what's going on. What network connections it's opening to what IP addresses (and where those IPs are registered and to who)? What Apps are accessing what data actively at any time?"

But most users would see this info as Information Overload, and they're also the most likely to be victimized. So what do you do? The most likely victims are also the least likely to know how to avoid being victims.

Charles 9

"I'll be holding on to my AV for a while longer. Did Google say who should be in charge of whitelisting? Was it them, by any chance?"

Whitelisting is only practical in a business setting where there's a boss to dictate terms. In this case, it's the boss who manages the whitelist.

In a home setting, no whitelist can be considered safe except one curated by the user him/herself, only most users lack the aptitude to correctly curate a whitelist. And placing it in someone else's hands essentially places your trust in a Trent who could really be Mallory.

Experts to Congress: You must act on IoT security. Congress: Encourage industry to develop best practices, you say?

Charles 9

Re: How do you deal with China?

Volkswagen has an American presence. They have specialized dealers and a branch they can target.

Most of the Chinese tat is sold direct from China, usually through the gray markets. I doubt customs even knows when they pass through.

Charles 9

But then, as Washington pointed out, how do you deal with China, who's both sovereign and militarily powerful enough to be a legitimate threat if pushed?

Charles 9

Re: Well, if these fine legislators have their way --

Oh? People have been hacked since before the word "hacked" ever existed. Ever heard of the Confidence Game? That's Social Engineering at its most direct.

Security bods find Android phoning home. Home being China

Charles 9

Re: Nice surveillance racket you got there China

But not quickly enough. China is overpopulated; they'd probably be willing to let a few million die to play the long game since it would kill two birds with one stone. No one's stupid enough to try a mass uprising, not after Tiananmen Square.

Here, take a look at this. China will take short-term hurt for long-term gain since they could stand shedding some load. A trade war would benefit China long-term, and we know they already have plenty of untapped resources. All they need is a reason to tap into them again.

Charles 9

Re: Nice surveillance racket you got there China

"China has to import food because they don't currently produce enough to feed their population.

That is a turn-around from their situation 10-15 years ago, and it could change. But most likely that will be that food imports continue to rise."

They've got tons of arable land, and they WERE net-positive not that long ago, meaning they have the means to turn this around, probably by reducing their population in various ways.

"China also has to import about 7 million barrels of oil a day to keep the wheels turning and the factories running - I don't see them becoming self-sufficient there any time soon."

Haven't you heard their rush to build windmills and nuclear reactors? Sounds like they're already working on the problem.

Charles 9

Re: How do we stop it?

Precisely. The Indian government is trying to rein in undeclared ("black") money so as to raise necessary tax revenues and hold the rich more accountable. And many are considering the move extremely audacious, particularly in light of Indian society being very "gossipy": being able to hide this move until past the point of no return in such a "gossipy" society is considered quite the coup.

Thing is, currency is only as good as the government that backs it. If the government disappears (like in Confederate money) or in this case withdraws its legality (the Indian case), or if hyperinflation whittles your cash value to less than the paper on which it was printed (German currency just before the rise of Hitler)...

Charles 9

Re: Nail in coffin for Android???

"It's everything to do with Android. You can't trust Android firmware, and it likely won't ever be properly patched / updated."

If you can't trust Android firmware, then you can't trust ANY firmware, for that matter, since where's the money in a one-and-done?

Charles 9

Re: Luddite

Then you're still very, VERY vulnerable since in this day and age any attacker can probably seek out hundreds if not thousands of victims at once, and even if it takes time, some are out there for the challenge so will see your hardened defenses as a bullseye.

IOW, you're gonna have to go FULL Luddite or you might as well not go at all for what difference it'll make. Unless you have an actual brick & mortar bank you can reach at any time (because otherwise you could be in trouble if you need to make a spot transfer to finish your purchase), unless you do ALL your shopping physically (which means you're out of luck with a lot of stuff that's ONLY available online, such as lots of repair parts and replacement components), then odds are you're vulnerable, if not by your phone, then by your PC which could very well be pwned without your knowledge.

Charles 9

Re: Therefore it is vital to be able to root your phone

No, they are root-aware because they can't trust the operating environment if root exists, as root can blind practically every other sense available to them unless you're like Google and can employ an extra set of "eyes" to double-check (like they do with Android Pay).

And no, not all malwares are built-in or come with an app. If Stagefright is any indication, they can be done from without as well using a drive-by exploit or other basic attack.

Charles 9

Re: Nice surveillance racket you got there China

"China really needs to export to sustain its economy, the internal market won't be enough. And it needs foreign money to buy all the resources Yuan wouldn't buy. China is far from being even close to be self-sufficient. Just think how much unemployment and related issues a collapse of export may lead to..."

China also knows export economies can't last forever. They DO need to turn inward, and if they need something they don't have right now, recall they have a massive surplus of MEN around. At this juncture, war with the neighbors could be a win-win for them. After all, who's going to stop them when America's too far away and they have nukes and a willingness to go MAD if all else fails?

Charles 9

Re: Therefore it is vital to be able to root your phone

But rooting means malware can take over the root, not only undoing your work but also preventing you from fixing it by using a signature check. Why do you think apps are increasingly root-aware?

Charles 9

Re: Nice surveillance racket you got there China

Ever thought China would WELCOME a trade war? There's very little China needs that they can't provide for themselves. They're pretty much the closest in the world to self-sufficient.

Charles 9

Re: How do we stop it?

You can't. Some of this stuff can be on feature phones, too, so no escape there. ATM OSes can be secretly compromised, too, and you can be recorded by hidden cameras. What now?

Charles 9

Re: This is why

Ever thought your PC could be owned without you knowing it? In that light, a phone's no worse than the PC especially if you don't store the passwords.

Charles 9

Re: Provider of firmware over the air

If you can't trust a stock device to be secure, nor can you trust an update, you're basically saying it's impossible to have a secure device and that we should go all Luddite.

Charles 9

Re: Confused

Probably because it has the tacit consent of the State: IOW, sovereign approval which means little to stop it.

Google's neural network learns to translate languages it hasn't been trained on

Charles 9

Re: ummm

The thing is, are we any different? We don't come up with stuff from scratch, either. We take our experiences and what's been told us by others and apply them to new stuff. See where this is going? As I recall, no one told the thing to realize Portuguese has similarities to Spanish and so on, it figured that out as it went (as would most people who study both languages often; they're both Romance languages and the two countries are adjacent geographically).

Charles 9

To Japanese...

"研究者は1つのモデルに最大12の言語ペアしか使用していませんでしたが、Google翻訳で現在使用されているNMTと同じアーキテクチャで動作するため、使いやすく簡単に追加できます。"

...then back to English:

"Researchers used only a maximum of 12 language pairs per model, but they work with the same architecture as the NMT currently used in Google Translate, so they can be added easily and easily."

Probably needs some more work.

The sharks of AI will attack expensive and scarce workers faster than they eat drivers

Charles 9

Re: Here's the crux of the argument

"What does a robot do when it is a case of "not here mate"?"

What does a HUMAN do when it's a case of "not here mate"? Take that solution and work from there. It's not like it takes instinct to solve a problem like this.

Charles 9

Re: Watson?

"Charging less for accepted applications and more for rejected ones makes sense. Think about it. Charging more for acceptance only encourages it and I think we have enough shitty applications. Charging more for rejected applications "encourages" better thought out applications, but this depends crucially on the extra cost. In essence the desired outcome is reflected in the pricing. To change it would encourage a worse result."

There's also the matter of the labor costs. Remember, someone has to research these patents, and the USPTO is one of the most underpaid bureaus in the country. So they're pressed to investigate as many patents as possible on a shoestring budget, and they can't deny by default because then filers would complain and eventually Congress would get on their cases.

Charles 9

Re: Learning to live

"Machines also have the benefits in surgical processes of being able to use narrower "limbs" and joints able to spin on their axis unlike human ones. They also don't suffer from shakes (even minute ones - think about the eye surgery example above) or errors in judgement of geospatial location."

But what if the patient moves? Can the robo-surgeon correct for Murphy moments as easily as the human can (and the human may even do it instinctively, something the machine lacks and can't be taught it since we don't know how our own instincts came to be--they come untaught)?

Charles 9

Re: Learning to live

"in the same way talking to a customer agent robot online has become more routine."

And too many people (including young people, BTW) still respond to this by pressing 0 and demanding to speak to a live person. And Uncanny Valley is an instinctive (meaning untaught) aversion to pseudo-humans because something about them isn't perfectly right. So young people will still get creeped out by Uncanny Valley. That's why we still have the Turing Test, which gets tougher the more elements you have to incorporate. Turing Test with text is within reach, but then you have the voice and finally the look.

Charles 9

Re: Millennials need to get a clue

"Believe me, this kind of world where only the wealthiest have any free time is exactly the world neocons like Trump envision. No time to think equates to no time to rebel against the transgressions of the 1% against the 99%."

Or it could just mean they call Sod This and devote ALL their time to rebel, figuring they'll survive by plundering the 1%. The 1% better have a backup plan.

Charles 9

Re: You've only just realised this?

"Well, bollocks to that, IMO. And the answer isn't neo-Luddism, but the development of a new economic system. Capitalism replaced barter due to the needs of its time, and I feel sure that in due course we will arrive at some system to replace capitalism that embraces the existence of both humans and pervasive automation and AI. Trying to either prevent the future (Luddism) or hold onto the past (clinging to capitalism when it's clearly not fit for society's purpose under current circumstances) are both doomed to failure. So the sooner people start thinking about what a post-capitalist economic system might look like and how it might operate the better. The longer we leave it, the messier the change from the system we have now to whatever will replace it is likely to be. IMHO, of course."

But there IS no better system. Capitalism at least draws on natural human instincts to make it work. Any other system would have to compete with that, and the problem with AI is that it butts directly up against a human instinct: that of getting the leg up on your neighbor so that it's your genes comprising the next generation, not his.

IOW, the natural result of an AI takeover will inevitably be a lot fewer humans: not because the AIs kill them but because a lot of us will be rendered expendable, and the law of the jungle still applies in civilization; in fact, it applies more when civilization is strained.

Charles 9

Re: Basic Income is our only solution

But it'll never fly for one very simple reason: the people you have to leech to pay for the scheme will never go along. They'll bail first, and since they have all the money, they'll have the means, too.

"A robot will produce the goods, but without paid employees, who will buy those goods?"

Like I said, the ones that still have all the money. When the 1% claim 99% of the money, they'll close off their walled garden and hash it out amongst themselves. As long as there are more than two people left, give and take is still possible.

"Once there are a majority of unemployed - it's too late."

That's when the 1% will begin to roll out the robot tanks...remember, by this point the unemployed (or rather, unemployABLE) will be considered expendable.

Stolen passwords integrated into the ultimate dictionary attack

Charles 9

Now do that again for the hundred or so sites you pass through every week, without repeating. This is why every time someone mentions your scheme or xkcd, I reply with, "Now was it 'correcthorsebatterystaple' or 'donkeyenginepaperclipwrong'?"

Charles 9

Re: Using a password manager

"Until said password manager becomes mainstream and the blackhats reverse engineer the "random" generator algo."

Even if they reverse-engineer it (and the one in KeePass is open-source), if the algo was seeded properly with truly random data (or even just truly ephemeral data, like the time of creation to the microsecond--try figuring out THAT one), they'll still be at a loss to reconstruct the password. It's like trying to predict the lottery.

Charles 9

Re: Sites also a problem

"There's an even better way - take your business elsewhere."

Ever heard of a Captive Market? If they're the ONE AND ONLY source of something (say the manufacturer's website), you're left with a Hobson's Choice: Take It or Leave It and be left with very expensive bricks.

Encrypted email sign-ups instantly double in wake of Trump victory

Charles 9

Re: re:First Contact Problem

"The FCP is a problem, yes. But if - and ONLY if - the two actors are under surveillance at that point."

You forget Mallory. How will they know they didn't run into a mole?

Charles 9

Re: Is it...

"We use it because of inertia and because distributed key sharing without a trusted intermediary is a damn hard problem to solve."

More like intractable. I can see the thought process in my head, but I can't yet construct an ironclad reductio ad absurdum that proves the First Contact Problem unsolvable if Alice and Bob have absolutely nothing in common. But basically, you can think of it like relativity: how can Alice know Bob is really Bob and vice versa without something in common between them (in other words, a common frame of reference)?

Charles 9

Re: What *is* it with email ?

"The modern equivalent is to post on a forum somewhere (USENET ideally). Easily done from any number of disposable accounts. OK, the intended recipient would need to know where to watch, and when (which could be detailed in the previous communication), and it's not as convenient as point and send email, but as many wise people have observed, you trade security for convenience."

But that STILL means you need to establish some sort of contact in order to establish the protocol. And that runs you up into the First Contact Problem, which last I checked is intractable.

Charles 9

Re: Is it...

But at some point, the Internet MUST know where to send the message, much like the Post needs two addresses: where it's going and where it came from (in case something goes wrong). The law can learn a lot JUST from that necessarily-open information.

Charles 9

Re: What *is* it with email ? / mashup

But you have to arrange the signals beforehand which means you have to meet, putting you right back at the First Contact Problem: how can Alice and Bob prove their identities to each other if they've never met before and they have no one in common they can trust?

Shhh! Shazam is always listening – even when it's been switched 'off'

Charles 9

Re: Meh

"a) look on the 'what is playing' section of the station's web page [a lot of them do this]"

Not that handy to do when you're on the go, especially if you don't know WHAT station is playing, or even if it is a radio (it could be a dedicated stream personalized for the shop, so no playlist), and then by the time you open up the website and look it up, it could already be on the next song and they keep no history.

"b) if it's internet streaming radio, you'll see the ID text displayed [probably]"

Unless it's a PRIVATE stream. See (a).

"c) who really cares, since RIAA only excretes CRAP these days, with rare exceptions"

What about stations playing older music, say from the 50's through the 80's? If you're going to say this music is crap, either you have a tin ear or you just don't like music, period.

PS. Shazam and the like are actually QUITE good with older music since it tends to be pretty popular. Foreign music may be another matter unless the music provider keeps an international database.

Charles 9

Re: Overreaction?

"Maybe you can't please everyone, but giving the user the option to choose whether to leave the mic on would go a long way, as would being transparent about it."

But there are people out there who don't like choice, or even the appearance of choice: Information Overload. Like I said, there's just no pleasing some people.

Charles 9

Re: Overreaction?

"The author takes care to point out that it's up for debate if keeping the mic online is a bad thing, but from my perspective I don't want an application grabbing data it has no business accessing until explicitly permitted, I don't like those "foot in the door" strategies."

But what happens when the sound you want to search happened five seconds ago? Or in this case, it takes several seconds to go from completely off to listening and recording, by which time the song's ending and there's not enough left to ID it. I for one have had any number of those, "Damn, just missed!" moments to think sometimes it would be nice for it to anticipate when I want a song identified before I realize I wanted it identified but am too late to do it now.

This is sounding a whole lot like a case of, "You can't please everyone." If you try to appease privacy concerns, people complain because the mic triggers too late. What can you do?

Telstra launches Australian homes onto the Internet of S**t

Charles 9

Re: One more thing:

That's nothing. What if it decides to store deviant pornography instead, especially the type not allowed by law?

Forget razors and blades, APIs are the new gotcha

Charles 9

Re: Pardon my American, but …

Or unless the law is ignored like the ink on a page it is in reality.

Charles 9

Law's going the other way, using the environment as a scapegoat. Assets are being locked down, there are too many people, and there's no business like repeat business.

Pay up or your data gets it. Ransomware highwaymen's attacks on small biz octuple

Charles 9

Re: Bollocks

They say an ounce of prevention is worth a pound of cure, but what about those businesses already working to the bone such that even an ounce can mean a bleedout?

Charles 9

Re: How do the crooks get paid?

The same ways drug lords do it: money laundering and mules.

Portable drive, 5TB capacity. Hmm, there's something fishy here

Charles 9

Re: And the problems are with the software...

Name some that can match up with NTFS in both performance and reliability and can be run by all three OSes (and last I checked, you don't need Microsoft's blessing to write a filesystem driver since drivers do exist for ext and HPFS for Windows--they're just, like I said, not mature yet as in not at v1.0).

Charles 9

Re: Freecycle

"The notion that overwritten sectors can be recovered by searching for 'shadow' copies on today's hard drives is false."

http://www.computerworld.com/article/2477228/data-privacy/is-overwritten-data-really-unrecoverable-.html

I'll believe it when the NSA immediately returns a wiped hard drive after seizing it. Otherwise, we can't rule out black tech belonging to state agencies (with deep pockets and big brains) that can still accomplish the feat today.

Your body reveals your password by interfering with Wi-Fi

Charles 9

Re: Obligatory

But what if the objective is to get the password without the user knowing you're doing it, since that alone can trip alarms you don't want tripped?

Angry user demands three site visits to fix email address typos

Charles 9

Re: Make it longer

"See: XKCD: Password Strength for a decent explanation."

Until you run into someone with a VERY bad memory, in which case they'll stumble over themselves wondering, "Now was it CORRECTHORSEBATTERYSTAPLE or Paperclip_Engine_Donkey_Wrong?"

Pythons Idle and Cleese pen anti-selfie screed

Charles 9

Re: Realised that we don't have any pictures of us together. Selfie stick is a sensible option.

"So the sticks are a replacement for those outdated "devices" called "parents", "relatives", "friends"?"

Yes, because they are (a) dead, (b) too far away, and (c) nonexistent.

PS. What evidence would YOU offer, given you don't need a certificate to date and then live together?

Charles 9

Re: Selfies are the symptoms of a much deeper disturbance

"That's exactly it. If you go to see something, take a photo of IT. You know you were there, you've got the fucking photo. It doesn't need an ugly mug grinning in the front of the image."

"But what if that wasn't REALLY me? What if I was deluding myself that I went with my BFF who was the one who REALLY went there and took the picture and then MMS's it to me and I thought it was me and so on?"

Some people really CAN'T tell the difference between dreams and reality. Some also fear doctors as mind-controllers.

Charles 9

Re: Egomaniacs

"Get over yerself. Nobody cares!"

"No, I care! And that's all that matters!" would be their reply, and they will ignore evidence to the contrary.