* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

USBee stings air-gapped PCs: Wirelessly leak secrets with a file write

Charles 9

Re: Air-gapped...

Oh? How do you transmit information back and forth that's not well-suited for a brain, then, like a large data table?

New booze guidelines: We'd rather you didn't enjoy yourselves

Charles 9

Re: There is no safe level of not drinking either

Thumbing me down doesn't make it less true.

Am I being thumbed down because I was right and that he died from a heart attack during filming of Gladiator (furthermore, he was in a drinking competition just before dying[1])?

[1] http://www.theguardian.com/lifeandstyle/2016/jan/24/oliver-reed-grabbed-me-by-the-balls-omid-djalili

Charles 9

How many of them ended up being spinsters because ALL the men they knew drank?

Charles 9

Re: There is no safe level of not drinking either

"Oliver Reed, a lifelong drinker, stopped drinking at the age of 61. He dropped dead mere months later. Therefore abstinence is lethal and we should all emulate the great Ollie's example."

What was his cause of death according to his autopsy? I smell a correlation rather than causation (given the age, it was likely an unrelated stroke or heart attack). It's like trying to see cannabis killed a man because he had a crash while he was stoned behind the wheel.

Charles 9

Re: So when do the Brits start legalizing cannabis?

"Over in the states we've seen a drop in alcohol sales proportional to the rise in cannabis sales, and there have been no deaths from cannabis overdose up to this point."

But cannabis still produces an influence, and people HAVE died as a result of people stoned behind the wheel (and not always the smoker, either).

Charles 9

Re: There is no safe level of not drinking either

"There is no safe level of not drinking either"

Eh? I've never heard of anyone being poisoned by abstinence. Care to demonstrate?

Charles 9

Re: because you can't enjoy yourself without a drink?

"I'm afraid the Government can't win here."

They really can't. Loosen up and they get reminded of the Gin Craze. Tighten up and they're reminded of US Prohibition. Innocent lives were lost in BOTH incidents, so they get accused of killing innocent people either way.

Charles 9

Re: Only once it becomes frowned upon to get smashed on a night out

"It is already socially frowned upon to be unable to speak coherently, piss one's pants and act like a bloody fool."

But not UNIVERSALLY. Among rebels, it's considered the minimum requirement for a good party night (either that or waking up someplace you've never been before). That's why The Hangover movies are so popular.

Charles 9

Re: life is risky

Thing is, for most the name of the game is holding out as long as possible. For the government, the idea is to have people die off at an ideal age: old enough to pay in the maximum amount in taxes yet not old enough that they take it all back in old age benefits which can't be taken away without looking cruel and inhumane to the elderly.

Charles 9

Re: Overpopulation and pensions crisis

"Overpopulation" is a thirteen-letter word but is treated by most people closer to a four-letter word, and I don't mean like "aunt".

Charles 9

Re: No such thing as zero alcohol

"Bread actually also contains alcohol. Not much, but more than various "zero-alcohol lagers" (the Bavaria breweries (in the Netherlands) actually make a pretty decent one)."

Now, I know the yeast in the dough causes a little fermentation and thus a little sugar-to-ethanol conversion, but last I read almost all of it burns off during baking, especially if the bread doesn't form a very hard crust.

Of course, if the bread is unleavened (altar bread, matzo, etc.), no fermentation takes place.

Charles 9

Re: I'm

Oh? Where did the booze come from before we went agrarian? And there WAS a time before we went agrarian.

Charles 9

Re: Overpopulation and pensions crisis

Because no one wants to be the ones to draw the short straw (or see their parents draw it). Overpopulation is a very personal taboo: more a four-letter word than thirteen.

Charles 9

Re: No such thing as zero alcohol

They don't care about endogeneous alcohol. If we live in spite of it, that much is OK. They just don't want us to aggravate the condition by adding extra.

Kindle Paperwhites turn Windows 10 PCs into paperweights: Plugging one in 'triggers a BSOD'

Charles 9

Re: Crashes and Telemetry

"Crash reports and other such nonsense are to be provided by the user in case of crashes."

But there's such a problem as the thing that crashes being the crash reporter.

Labour's Jeremy Corbyn wants high speed broadband for all. Wow, original idea there

Charles 9

Re: Just nationalise BT again,.. see it's easy ;-)

"If I'm not mistaken that is how this whole thing fits into JC's world view. Utilities, communication, public transport should be state owned monopolies that can be guided into spreading cost across all for the benefit of the weaker in our society. "

Problem is, being controlled by the state, there's no way to force a state-operated enterprise to operate more efficiently. Plus it's no less prone than private enterprise to corruption, though usually in different ways.

Charles 9

Re: ID cards - useless and expensive...

The problem they discovered was that, to quote E. E. Smith, "what man can create, man can duplicate," and there's no way to completely stop insiders. Meaning there's always the risk of a fake ID authentic-looking enough for most people to pass. And once ONE is out there, more will follow, diluting the ID's value as a proof of identity.

Charles 9

Re: Why ?

"As you said, the idea that anyone would install copper on newbuild now, especially at $4500/tonne, is crazy. Retrofitting FTTH will be expensive, none of this £25bn that's tossed around. But the point is 30Mb, 100Mb, 1Gb, it'll all look pretty shit in twenty years time. 1Gb is only about 30 times faster than 'standard' 30Mb, so by my earlier rough guesstimate, just using current growth we'd be looking at needing to upgrade that again in ten-fifteen years time."

Two things:

One, fiber is not at its theoretical limits. More data can be stuffed down a single fiber.

Two, digging is the expensive part. Once you've got the trench open, given how small a fiber is, why not over-provision it? How much more will it cost to bury say 100 times the fibers you intend to lay down originally?

Charles 9

Re: Why ?

"The trouble is, this technology has changed a lot, and it's not like electricity, gas, water and telephone, where the original rollouts are more or less still fine. A 'broadband' rollout in 1996, so just 20 years ago, would have been on the 'gold standard' of ISDN, delivering a whopping 128kb/s download. We are now looking at speeds 300 times faster or more, so how rusty is this broadband network going to look in 2036?"

Given how tiny a fiber optic line is and how much we've been able to extract from just one line, how difficult would it be to over-provision a fiber-optic by a factor of 100 or more? With current technology, most domestic links only need one, maybe two of the fibers, not counting further technological improvements.

Charles 9

Re: Why ?

I'd believe you if not for THIS line:

"Does the average person *really* need 2MB/s, let alone GB/s ?

Emphasis mine.

NO consumer Internet service that I know of in the Western Hemisphere offers 1 gigaBYTE/second (= 8Gb/sec) service. ONE Gigabit, maybe, in select markets (they're trying to expand into mine, for example, using DOCSIS 3.1), but 8?

So the GB/sec nomenclature is likely being used by mistake. If so here, then likely up there, too. And 1.7Mb/sec is pretty low end, only useful if the source material is very compressed (and only practical for an SD stream, trying to do it with HD creates too many artifacts).

French, German ministers demand new encryption backdoor law

Charles 9

Re: Let's face it...

Even if someone says their fundamental freedoms, basically their way of life, could be under threat from the new form of "Papers, please!"?

Charles 9

Re: Easy Solution.... For Da ter'rists

They can squelch stego by forced mangling of photos and videos. As for code phrases, that requires establishing a vocabulary first which requires First Contact, which you can control by the constant threat of cameras and plants (because at First Contact, there's no level of trust yet).

Charles 9

Re: Easily solved.

That won't work. They'll figure the Russians have it anyway through their spy network. What you need to say is that the moment a back door appears, we will lose World War III and cease to exist because the data leaked will allow a decapitation strike. The threat has to be immediate and existential.

Charles 9

Re: "I squat"

But it's hard to force an oral since mouths have TEETH. Not to mention your HANDS are in prime counterattack position, too.

Chinese CA hands guy base certificates for GitHub, Florida uni

Charles 9

Re: You can't trust anybody

"There is only so much tinfoil ypu can put on your head. I trust DANE cert calls more than a random Chinese CA."

I don't trust metal foil. They work as ANTENNAE, and we already KNOW the US is ACTIVELY trying to subvert secure communications. Having chums within the likes of Verisign would be NORMAL for them.

Charles 9

Re: The long road out of this valley.

"What you want is to be able to import a list from somebody that you (really) trust,"

And therein lies your problem. ANYONE you could potentially trust for this could easily be doubled without your knowledge. That's the big problem with First Contact: there's no possible way to fully vet a total stranger because you simply don't know anything about him or her outside your own context, and ANY knowledge you could obtain from third parties could just as likely be faked.

PS. As for tagging, the reason they're separate is because the standards update independently. Any program that tried to do everything gets into a problem when one of the standards updates separately from the rest: possibly in a conflicting way.

Charles 9

Re: If only...

"Both at the same time? Sure it's conceivable, but at least you're in serious attacker space now,"

But given what we've been hearing lately, quite probably already in action.

Charles 9

Re: If only...

Anyone worth their salt can get a fake record into the DNS, either through sovereign power or by social engineering.

Charles 9

Re: Commerce screwing up a decent system?

No, the REAL real problem is that the connection is getting subverted OUTSIDE the encryption envelope. What good is a secure connection if the SERVER is hacked? What good is a certificate if it can be duped? What good is your end if it was previously pwned and can therefore read everything in the clear because it MUST be decrypted to be visible?

Worst part is that this trust issue is not a problem technology can solve. It's pretty much entirely a HUMAN thing, and we're at the point we can't trust ANYONE anymore (including OURSELVES).

Charles 9

Re: You can't trust anybody

"Perhaps the warnings are justified and my host sucks, but all of their other behaviors seem sanitary. It's no wonder that many people just click through. Most messages are gibberish to a user, despite how we feel they are clear. More work needs to be done in this area so that users can learn more than merely how to get around them warnings."

You assume people are capable of learning. Many simply lack the aptitude yet expect to be able to get on with their lives without they or their loved ones being suckered.

Charles 9

Re: You can't trust anybody

"...or by a local CA being leaned upon or hacked by a government"

That's PRECISELY the part I'm talking about. No DANE or whatever can fix that because they'll just go straight to the top. What's to say the US isn't ALREADY chummy with Verisign?

Charles 9

Re: You can't trust anybody

"There's no reason that website's can't crytographically sign a message in DNS that tells you what CA's are valid for them."

Yes there is. A determined adversary can still pose as you by stealing your key OR usurp your identity before you have a chance to establish it.

Charles 9

"That seems to be 'not yet available' perhaps deliberately? - after all what could possibly be wrong with a system designed (and mostly stuck in) 1995 levels of 'security' & 'trust'"

You have to follow that up with "compared to anything else on offer". Then you find yourself caught in a First Contact Problem. Meaning there's no practical solution.

Charles 9

Re: You can't trust anybody

Trouble is, there's no real alternative that can't ALSO be subverted by a determined or well-backed adversary.

Google breaks heart, White Knight falls off horse

Charles 9

Re: I don't believe this report

"It might be that he asked to see a quicker ROI. But that's it. This is a big investment long-term revenue stream, and a good performing investment."

Have you got the numbers to back that up? Last I read, the numbers really weren't backing up Google Fiber. It's like trying to sell Rolls Royces in communities where the vast majority of your customers are lucky to own Mini Metros.

Charles 9

Re: That monopolistic behavior is legislated...

"Anyway, no market failure because there is no market - it's a command-and-control economy mandated and run by heavily-lobbied politicians and bureaucrats. Consumers such as myself get to choose the Coke or Pepsi product, no matter how much we'd rather have a nice herbal tea."

But without Coke or Pepsi, there would be no water service to your area, making a tea option a non-starter. The main reason for the exclusivity agreements was because the cable and phone companies refused to run out to those areas at all without them. So it becomes a choice of 10% of something or 100% of nothing at a time when telephone and/or cable access was a tax matter (because having those services in town affected people's decisions to move in).

Charles 9

Re: "the large geographic area of the United States aggravates the capex costs."

"But it -is- the terabit fiber, and the big cost isn't the electronics. It's getting the rights of way and burying the passive glass."

That was exactly what I was talking about: laying down the actual cables so they can actually be used. If it's above ground, it's as good as dirt because the real cost of data infrastructure is the physical part of it: burying and maintaining it, and the US isn't wholly up to speed yet because of weak links in the chains: mostly in rural areas who can't be asked to do it OR give the permission for someone else to do it. And sometimes the feds get involved because the cables have to necessarily cross environmentally-sensitive ground.

Charles 9

Beacuse in the case of the United States, geography gets in the way, and you can't easily solve geography. If it's 100 miles to the nearest trunk line, someone's gonna have to pay for making the connection, end of. That cost (both installation and maintencnace) will have to be recovered. It's these unavoidable costs that have some capitalists asking why the Post Office doesn't charge higher postage rates to remote Alaska or Hawaii.

Charles 9

Re: "the large geographic area of the United States aggravates the capex costs."

"...since the backbone networks connecting them already exist."

They exist, but I don't think they're at the terabit level just yet, which is what you'll need going forward (since it's the cities where all the broadband demand is). And that means new capex. Ever gotten the estimate on running that much fiber from New York to Los Angeles (or even further, Miami to Seattle)?

Charles 9

And the unspoken catch from the article is that Americans in general aren't willing to pay what market would need to support really good broadband. For many, they don't really need it yet, and furthermore the large geographic area of the United States aggravates the capex costs. It's no surprise that, when it comes to average Internet access, the strongest countries are also among the smallest and densest.

EU ministers look to tighten up privacy – JUST KIDDING – surveillance laws

Charles 9

Re: Charles 9 I for one argue against Jacob Ginsberg

Ahem. I speak FIRSTHAND. I interact with the police on a daily basis because I work in what's known as a "bear trap" area, so cops come EVERY SINGLE DAY.

As for riots, not too far from where I live is a local college party magnet. Once school is in session it's pretty much clockwork (about once a week) for police to be summoned to that location in riot gear. Every so often in the same general area, there's a shooting.

Charles 9

Re: No more terrism or terrists

"I say ban reading and writing, close all schools, switch off the interthing and telephones and only allow the politicians and the rich to read and write."

I doubt you could outlaw pantomime since that's an instinctive language. Shame we never saw a magic mime climb out of the Patrician's snake pit using an invisible rope. Would've made for an interesting conflict.

Charles 9

"Encryption is simpl and well known maths formulae and it can be simply hidden in larger files if necessary."

No stego's bulletproof, and a state aware of it can order pictures, sound, and videos mangled to break most of it.

Larry Page snuffs out ‘too expensive’ Google Fiber project

Charles 9

Re: selective wireless?

"If a premises has mains electricity, then fibre can get there cheaper than the electricity install! Fibre can be retrofitted to existing sewers, water mains, electricity poles and even grid transmission lines."

If what you said was true, someone would've done it already. Meaning there's something you're overlooking.

Charles 9

Re: selective wireless?

The problem with rural Internet isn't the LAST mile but the FIRST mile. You got to get the community hooked up with the greater Internet and the closest connection is probably a considerable distance away across environmentally-sensitive terrain and so on. Plus you have to consider that the existing rural infrastructure may not be as conducive to retrofitting as you think: aging sewers, rickety power poles, and so on.

Charles 9

Re: Actually an argument for a public utility to own the last mile

Anyone who doesn't want to PAY for it, that's who.

Google 'Solitaire' ... Just do it

Charles 9

No, but for a time when I had M.U.L.E. on my mind, I thought if someone would make an Android port called D.R.O.I.D. (Durable Rugged Omnipurpose Implement Device), using the signature Androids, set on Planet Elgoog.

Charles 9

Re: Seems...

Most Klondike and FreeCell games avoid using a strongly-random generator because both games have the chance of an unwinnable deal.

London cops hunt for drone pilots who tried dropping drugs into jail

Charles 9

Re: Thank God it's just drugs..

Don't most of these drones have cowled rotors, meaning they can resist netting? Plus if push came to shove, they'd probably start sporting cutters on top that'll help make netting fall around them.