Re: And if I'm paranoid enough, or my data is sensitive enough
But what's to stop the foundry from being doubled?
16605 publicly visible posts • joined 10 Jun 2009
Infrastructure is a huge upfront cost while the RoI is iffy. "Extra infrastructure" doesn't really sell with customers, especially at the consumer end, plus the competition can weasel their way to stay competitive with those who actually plunk down. Unless there is an absolute truth in advertising law, that won't change.
Since so many people are getting skilled with channel-surfing, they synchronize breaks so that no matter which channel you turn, you see a commercial. Meanwhile, inline ads are the last bastion: embedded right into the broadcast, part and parcel and inseparable, forcing you into the ultimate "Take It or Leave It" situation: ads and all or not at all. Not even hidebound traditionalist events like Test Cricket are immune (sure the uniforms are clean, but you can't say that about the field). And since the sports themselves need the ad revenues to keep things going (otherwise they have to raise ticket prices beyond the tolerance point), you start to wonder how it will all end...
"illegally inspecting my PC"
It's not illegal. It's entirely possible to detect ad-blockers completely server-side simply by seeing if the ad videos get called up or not. If they won't let you see the video without requiring the ad be served first, that's basically your problem as they've made the ad the price of admission. It's done with their equipment so their rules apply, and it's all legal. You either bend over, hope and pray for something like a torrent (and the networks know about it and can send out fake torrents), or just go without that episode.
"It's actually illegal to probe my system for plugins. Against the law. Yet you think it is acceptable."
One, under what law?
And two, what's to stop a server from detecting a blocker by, you know, noticing you're not calling up ads? That's entirely server-side and impossible to ban without stepping on Constitutional toes.
"I'm stopping making music, I'm giving up computers and I'm disconnecting off the net."
Then why are you still here?
"On the TV Ads that show up before a video, I mute the sound and minimize the window for however long the ad runs and then I restart the video."
You just watch. Next thing you'll know they'll detect the ad is not visible and PAUSE it as long as it's covered, only restarting it when you switch back.
After that, it'll be ads for things for which there is no alternative (the market is captive), meaning the only option is to go without, which may involve Walking on the Sun...
"If I see an advert for product X, then when I want to buy something in that product category, Product X is removed from the list of possible suppliers."
So what do you do when it's the ONLY supplier? Or when ALL the possible suppliers display ads? Do you go without?
No, as long as they're in power, they can be influenced, usually under the table. It's simply part of the human condition. No matter what kind of power structure you put up, SOMEONE's going to find a way to corrupt it. Removing people from the direct influence of the people means it's easier to influence them on the sly, but making them MORE direct means the charismatic can dictate policy by appealing to the stupid.
"If they ban end to end encryption (or enforce backdooring which is the same thing as it isn't end to end encryption if it doesn't work) then they are banning the commercial use of the internet."
And you think the people in charge consider this a BAD thing? The less power the plods possess, the easier it is to control them.
I doubt these pluggable transports can make Tor information look perfectly like other packets. Next step is that the Chinese perform DPI of all random-looking traffic to see if they're real packets or covers. If they learn how to transcode transport packets, they can then mangle the streams to block inline stego, and so on.
Whoever controls the networks carries the advantage of the Big Brother perspective. They can whitelist and restrict the whitelist even more as they learn more.
Now, gradual flash chip failure is actually pretty easy to detect and then negotiate (lock the drive to read-only, copy what you can to a new unit, use recovery tools for the rest if needed). But IINM Flash SSDs also suffer from a higher-than-normal rate of controller failures, and controller failures are sudden catastrophic failures: fine one moment, hard-bricked the next, so these need to be taken into consideration as well.
"...but we are going to collide with limits sooner rather than later."
What kind of hard limits do you think we'll hit given that rust capacity has managed to continue climbing in spite of scares while solid-state capacity is still growing and still has several big shifts left in the tank?
"Amortisation is the practice of reducing the value of assets to reflect their reduced worth over time."
No, that's depreciation.
Amortization is the practice of smoothing out financial shocks (such as a large one-off like a capital investment) over time by splitting the large single payment over the expected useful life of the investment. It's still been paid for, but by spreading the cost in the books, it helps provide a better long-term view of its impact on the business (of course, if something happens to cause a write-off, the balance has to be immediately applied).
"Can't we just put the stupid package to permanent death already."
Not as long as there are very expensive pieces of kit that require Flash to operate. Since the costs are sunk and being actively amortized, they cannot be replaced. Since they already exist, they cannot be forced to be replaced by legal means (because they're currently legal, they can't be made illegal retroactively).
So IOW, SUAUI (Shut Up And Use It).
"1) take card from wallet
2) tap card"
You mean:
1) Take card from wallet.
2) Tap card, but pad refuses to read. Try again, doesn't work.
3) Say sod this and swipe, only to remember it's a Chip card.
4) Try to insert the Chip, but it's broken.
5) Call the whole thing off.
OR:
1) Take card from wallet.
2) Tap card, but find out the NFC reader's turned off.
Plus, consider many people don't like to carry their wallets around (for fear of identity theft) or have no way to (because their clothes have no pockets) but they still have ways to carry their phone (like on a clip).
"What's not clear in all this is how the system guards against fake codes. I take it there must be some dynamic element in generating the code."
Probably by way of a one-time code. The phone sends the code to the bank, the store reads the barcode and sends that information along, the bank lines it up, and gives the OK to the store.
"Moreover card payments are usually made over interoperable networks using common standards."
But in China, the standards don't exist, cards are easily FAKED, and they don't use Chips. Meanwhile, ANYONE who is anyone has a phone there. So pulling out the phone is no big shakes for them as they usually have it on hand ANYWAY.
Funny, I happen to have a Symbol (Motorola) barcode scanner normally seen at POS units and so on. It seems to handle barcodes more readily than the Android Barcode Scanner. Pull the trigger, and it usually gets it in under a second as long as it has a reasonable line of sight to the target, doesn't even have to wait to focus. Plus unlike the Android scanner, it seems to comprehend light-on-dark barcodes as easily as the standard dark-on-light.
Never thought of it that way. We westerners have it easy when it comes to e-communication because we only have to wrestle with about 40-60 symbols at a time depending on the nature of the conversation. Phone input systems can do 40-60 symbols easily enough. Several thousand? That's going to require a different approach.
So what happens when you have a terrible memory and keep forgetting your phone?
It may be inconvenient for YOU, but for many people biometrics is the ONLY thing guaranteed to be on their person. You can't rely on what they KNOW (for they may not have a good enough memory to KNOW anything) OR what they HAVE (for they may not have anything on their person), so what choice do you have?
You don't have to stop them altogether. Just alter them enough so they change into one the system doesn't recognize since fingerprints are epigenetic. Alter them too much and it's like busting an error code: something else comes out instead. People who receive finger lacerations seem to experience this. Perhaps medical science can find a way that isn't so painful.
Well, think of it this way. Too many people have bad enough memories that they can't remember PINs or passwords, even if their lives depended on it. Plus they tend to LOSE things. What do you do when you can't KNOW anything and sometimes don't HAVE anything?
PS. If you read the article thoroughly, it seems they only want the biometric to be part of a multi-pronged approach, which might help to mitigate the stolen biometric bit.
PPS. As for changing fingerprints, what about acid etching?
"But not this important! I mean, they're backups, for Bob's sake! Of your actual data you actually need to run. Only to be needed -- and usually found not up-to-date/functional -- when the live copy fails."
The thing is, the people demanding the backups belong to the insurance company. Basically, they're not going to pony up for "being bloody stupid," and not having a viable backup to them is considered "being bloody stupid," since live data crashing without a backup basically means you're screwed.
But isn't one issue with older hardware that they're inefficient when it comes to power consumption? And you're talking a world where electricity may not be a given.
Such a world would be better suited for power-sipping ARM-based units which are also more compact and could even be powered by batteries.
"The obvious solution is to lower your attack surface. Make it hard for the user to install software from random sources, make sure you always use a minimal amount of code so you minimize the chance of getting compromised via a bug... and so on. You know, normal best practices security."
But that doesn't work well against the average user (who BTW can't be educated). How do you deal with people unwilling and unable to protect themselves (and by extension, everyone around them)?
"Speaking as someone who has been called upon to fix friends' PCs, I sometimes think it would be nice if every consumer PC sold came with external HDDs and an image back up system by default. :)"
Two problems with that approach.
One, sleeper infections exist that stay quiet for a while so as to get themselves INTO backups, meaning restoring the backup just gets you infected again (since you probably won't know which files contain the payload and a smart one will hide in multiple locations, including WITHIN legitimate programs).
Two, you overestimate the intelligence of the average computer user. Given an external hard drive, they'll probably find some way to break or usurp it. Didn't the late Terry Pratchett write once that if there was an End of the World button, the paint wouldn't even have time to dry?
"There is practically zero cost in the free sharing of smarter sophisticated intellectual property between developers and/or across live open source platforms which creates software of advanced nature."
Two words: trade secrets.
"Anyone who wants their control network to survive a determined attack."
Then they get overridden by the board, who have to answer to the investors.
"High profile attacks like Talktalk and others have highlighted the need to do a thorough job of securing things to a wider audience given the beancounters saved them a small sum skimping on security only to find significant amounts of value wiped off shortly after the attacks."
And then the public forgets them next week, guaranteed. Meanwhile, the other investors will simply go, "Glad it wasn't me." Unless we see a board overthrow BEFORE a breach hits, I don't think the investors really care.
But 2G still has its uses for low-power, low-data applications like embedded devices (IoT).
Anyway, my current beef is all this talk of priorities and so on. What happens in, say, a very crowded city when the spectrum gets saturated? Neutrality insists on equal time because otherwise people get left out which is unequal treatment of citizens and so on, whereas prioritization takes the capitalist approach, allowing those who can afford it to buy better access by shelling out more money. The MNOs are in the troublesome position of having to find a way to keep as many customers as possible and minimize defections but are caught between Scylla and Charybdis in that, no matter what choices they make, they'll lose customers and money.