* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

Kill Flash now. Or patch these 36 vulnerabilities. Your choice

Charles 9

Re: >> giving the update the "Priority 1" ranking

So how do you put food on the table then, especially when every other town is in the same boat AND they talk to each other?

SCADA malware caught infecting European energy company

Charles 9

Re: Impressive analysis, but infection vector not apparent

"Lock it down, secure it, get maintainence agreements including code fixes for the life time of the kit in the original contract when buying, take steps to establish a in house policy and responsibilities and delegation to keep it patched and integral but sticking it in a vm isn't going to help, especially as the next step would be to combine all of those windows machines into a single host, giving yet another vector for a sophsiticated attack to jump about sight unseen by any network probes.."

Um, who's got the budget for that who can get it past the accountants? Most higher-ups don't take a long view, especially if they have investors (also very short-sighted) to appease.

Charles 9

Re: A third tier AV company

When your basic infrastructure depends on a third party, who by default can never be completely trusted, you have a problem.

Problem is, EVERYTHING relies on trusting a third party. So what happens to civilization?

Charles 9

Re: Never as easy as it seems from an armchair

"This is why we need the law to step in and for security folks to draw up regulations, including things like operating in a VM as an essential attribute, otherwise no sale (and no insurance or license for a business which fails to follow the rules)."

But the vendors have more bribing power than the citizens. They can just lie and bribe anyone they need to swear by it. Or they can make themselves "too big to fail" as in if they go, so does a good chunk of the country.

Florida U boffins think they've defeated all ransomware

Charles 9

Re: Next gen ransomware

"However, I still think the best approach is one where user programs don't get direct access to the files, they request a server and there should then be a means for the server to verify the requesting program - cryptowhatnot doesn't get the ability to read and write your spreadsheet and it's not the recognised client to get the server to do that for it."

All you do then is switch the target from the program to the server. What man can create on a computer, man can usurp.

Charles 9

And what if it's an OFFLINE machine?

Smartphones aren't tiny PCs, but that's how we use them in the West

Charles 9

Re: Paying for fuel

The US doesn't have such laws at present, but the fuel pumps here are leaning more towards NFC, especially with NFC payment on the rebound with Android and Apple Pay. Sonic Drive-In uses a numeric code combined with their app. When you want to pay by app, you punch the code (likely a one-time-use code coordinated with a central clearinghouse) in the app and the clearinghouse coordinates the purchase.

Charles 9

Re: Rubbish

For limited uses barcodes of all sorts can be used. 7-Eleven has a partnership with PayNearMe that lets people pay all sorts of bills (or even buy Greyhound bus tickets) using PayNearMe barcodes they just take to a nearby 7-Eleven. It can be printed or displayed on their phone.

And airlines are already using PDF417 2D barcodes on their boarding passes. People who check in online can print them out themselves.

Charles 9

Re: QR codes are a great way to point people at malmare

The most likely candidate for exploits in China is the State, and they don't need it since they control the phones in other ways...

Charles 9

Re: It boils down to the Chinese writing...

But how do you do two-factor security when many people are too stupid to KNOW anything?

Charles 9

Re: QR Codes are still around....

What's changed is that QR codes can be poisoned, so each one is viewed with at least some trepidation. The Chinese possess a level of trust in the system the west doesn't have. It all relies on a chain whereby a single link could cause real trouble if it's usurped (and it probably is, by the state, but most of them don't care).

In mourning for Nano, chap crafts 1k-loc text editor

Charles 9

Re: Single line?

"Bollox! A line is defined by the language and it's definition of EOL"

Bollock on the bollocks! If any form of text overflows the single line on display, then by definition it's not a single (as in ONE) line anymore. We'd never say that of text, code, or whatever, so I stand my ground. A single-line program is only such if it takes up no more than a single screen line; no ifs, ands, or buts.

10 PRINT "HELLO, WORLD!"

THAT is a single-line program.

Charles 9

Single line?

Horse hockey! I only call a program a single line if it occupies a single line on the screen: no overflowing or any of that garbage. Instead, we should be judging short-program lengths by character count, not line. Let's see people produce a complete game or utility when restricted to, what, 40 characters.

Linus Torvalds in sweary rant about punctuation in kernel comments

Charles 9

It wouldn't have to be THAT sophisticated. Syntax highlighters know the trick. You just have to be able to understand string demarcations as well as comment demarcations to realize you don't want to process those comment lines.

Charles 9

That's the style I use. I don't know how Linus would personally feel about it, but based on the examples, I don't think he'd be too annoyed with it. I think what ticked him off was poor formatting and poor consideration for editing in future. That style doesn't seem to trip those landmines.

Charles 9

Re: How do I get <tt> to work?

The counter is that you SHOULD be doing double-slash comments if they're inline like that. No right asterisk necessary anymore there.

Charles 9

Re: Change over time

"You can't deal with arrogant people politely. You have to tear them a new one, or they won't listen."

But you can't be TOO rude to them, either, or you make them retort, "Yeah, well $#$ YOU!" and then double down, making them even less receptive to change.

Charles 9

"For comments on lines of code, I prefer to use the double slash.

For block comments I generally have a slash followed by a line of asterisks, followed by one or more lines of text (no asterisks), followed by a line of asterisks ending in a slash. Separates the block visually, nice symmetry, easy to edit."

That's my style, too, and I tend to keep a certain structure. Each section of code (declarations, definitions, etc.) I use a simple block comment: Line, Section name in all caps, Line. Functions I use a detailed block quote that spells out what it's supposed to do, what goes in, what comes out.

And the reason I use lots of comments is because I realize different people think in different ways. The path of logic I took to get something done may not be the same one someone else uses, and as result following actual code can sometimes derail people simply due to different experiences. Since I've personally had to go through the act myself with someone else's sparsely-commented code, I can speak from experience; it can be a slog, and many of us have deadlines. So the inline comments act like breadcrumbs to map out the paths within functions like the blocks act as signposts to show goals and other things in a broader sense.

Charles 9

But as Woza noted, what if they start nesting? Plus the commenting techniques works better in editors with syntax highlighting since commenting the code will make it look obvious it's non-functional.

Charles 9

"A comment in assembler? There ain't no memory for comments in assembler!"

I would think comments IMPROVE the assembly process, since it can IGNORE any line that (IIRC) begins with a semicolon.

Bomb-disposal robot violently disposes of Dallas cop-killer gunman

Charles 9

Re: What is an assault weapon?

"A hunting rifle has a wood stock."

So you're saying the Remington Model 710 is not a hunting rifle, then? It has a synthetic stock. And McMillan produces synthetic aftermarket stocks for hunting rifles. Mostly in camo.

"An assault rifle stock is made of metal or plastic or composite."

An AK-47, the most infamous assault rifle, has a wood stuck (easier to acquire).

"According to FBI statistics, white males are shot 3 times more often than black males in total numbers."

According to THE SAME statistics, most males (regardless of race) get shot by one of the SAME race. AND a significant chunk of deaths due to firearms are from suicides.

Charles 9

Re: AC @YetAnotherLocksmith ... It makes sense, but...

"What doesn't help is that a significant number of police recruits in the USA are sociopaths and another significant number are psychologically unsuited to operation under pressure. These are not being weeded out during training and they're not removed when they show themselves as unsuitable for the job."

One question. How do you go about winnowing out the unfit if you don't have money to afford all the psych exams to do it since the public are bitching about taxes as it is (and the heavy weapons and vehicles are being subsidized by the Feds, so they're not paying the full bill for them)? That's always the $64M question as to why things aren't getting done: Where's the money, sonny?

Charles 9

Re: Texas Reg Reader Gives Context

"Nothing, nothing, no, not one single thing that anyone does, no matter how heinous, revokes their constitutional rights."

NO right known to man is absolute. Don't believe me? Read US v. Schenck and the concept of falsely shouting FIRE in a crowded theater. In this case, your rights end where another's begin. And taking several officers' inaliable right to life pretty much means you've crossed the Point of No Return.

Charles 9

Re: AC @YetAnotherLocksmith ... It makes sense, but...

"And a serious bomber will have a dead-man switch."

Unless he was still holding out on hope of getting away. In which case, he wouldn't cross the Point of No Return unless he was certain he was doomed. I'd have to look, but either they took him out before he could sense he was doomed, or they realized somehow he was bluffing.

Charles 9

Re: Hows the Robot?

A real trooper, actually. It survived and will probably be back in service soon.

Charles 9

Re: slight correction

You've never had to defend yourself during a riot, have you? I recall several shopkeepers packed these and machine pistols during the LA Riots of the 90's. Those stores tended to be the least looted in the aftermath.

Charles 9

Re: Additional options

"Very few assault rifles (full/burst/select fire) are in civilian hands, and effectively never used in crimes. A) the check-up for ownership is rather extensive, B) the availability is quite limited and prices very high."

But pre-1985 AK-47's are grandfathered and therefore legal to possess. Furthermore, due to them being so numerous (it and the simpler AK-M were a favorite export during the Cold War), a decent number of them end up on the black market. Weren't they the weapons of choice during the Hollywood Bank Robbery.

Charles 9

Re: Gunman murdered by the police?

"Kill him because a car park is more valuable than an innocent person's life? Because, you know, 'innocent until proven guilty'."

I got one for you: "Dead To Rights." The guy shot at cops and threatened to blow crap up. I'd need to consult Texas and federal statutes to be more precise, but by my reckoning that's two felonies (at lease one violent AND aggravated) AND an imminent threat of life. In most cops' books, that equals "all bets are off".

Charles 9

Re: AC @YetAnotherLocksmith ... It makes sense, but...

"So, we are afraid he will detonate a bomb, so we will send in a robot with a bomb and detonate it (to kill him), thereby risking the detonation of the bomb we are afraid of. This makes no sense whatsoever."

Actually, it makes perfect sense. No one arms a one-way bomb if they have the slightest hope of getting out alive. I suspect the attack was made before the perp crossed the Point of No Return. As long as the explosive isn't armed, the odds favored blowing up the perp before he DID arm it.

Charles 9

Re: All Lies By Law Enforcement

How can snipers get a sight on their target if he's holed up behind a wall? There was a time they had to wait out a crazed rifle-toting bastard for three days. Snipers couldn't get to him because he hid in the basement. Finally, he decides to charge at them, and THAT's when he got shot, wounded, and caught.

Thing was, in this case, the perp had made bomb threats, meaning attempting to charge in could've had explosive results, including potentially toppling the building.

Charles 9

Re: Gunman murdered by the police?

"If the guy was in a building and shooting from it, could the police not remove themselves from the line of fire?

Starve him out or let him finish himself. He's no saint and I can't condone his alleged actions, but killing him doesn't allow justice to be served. The decision to use this robot in this manner should be investigated."

He had made bomb threats, meaning waiting it out could mean more explosions (including himself with say an explosive jacket; guaranteed collateral damage and possible more cops dead because the magnitude of his possible explosive can't be estimated).

Charles 9

Re: Upped the ante.

"When will we see suspects armed with drones bombing the shit of civilians from a remote location ?"

I don't know about drones, but don't forget "Unabomber" Ted Kaczynski, who set up numerous elaborate bomb traps. I think he also sent several bombs through the mail.

Terrorist drone bombings are probably not their style. Their preferred MO is the kamikaze attack, which they already did with 9/11. They don't care about surviving, and getting up close is one of the best ways to be sure of the job.

Charles 9

Re: @YetAnotherLocksmith ... It makes sense, but...

They couldn't just wait him out because he had already threatened to explode himself, and there was a high risk for collateral damage. If he felt he had no way out, he'd likely engage in a fail-deadly suicide charge like you read all the time in the Middle East. Could be as simple as a grenade still gripped but with the pin pulled; shoot him and he drops and arms it. Could be as elaborate as an explosive-packed jacket with a dead-man's switch. They had to take him out while he still felt he had a way out, meaning he wouldn't cross the Point of No Return yet.

Much more Moore's Law: Wonder-stuff graphene transistor trickery

Charles 9

Re: Except...

"All the time, just look at the generational changes in (for example) CPUs or GPUs. Or HDD technology, or NAND. But you're choosing not to notice?"

Yes, until I can actually SEE the technology face to face. GPUs and the like I can at least actually BUY. Why get all worked up on something that may not show up for years...if at all.. STREET release; THAT'S when I'll pay attention.

Charles 9

Except...

Except they haven't tried to do this in volume. How are you going to precisely cut the channels in the graphene? Make sure the nucleation doesn't leave holes or impurities, and so on?

This is nothing more than yet another "work in progress" article that whets our appetites but in the end leaves us hungry. When's one of these things actually going to hit mass production?

Kotkin on who made Trump and Brexit: Look in the mirror, it's you

Charles 9

Re: "lazy economics ... allow migration to give us economic growth"

"Democracy is a process of trial and error. It is (hopefully) self correcting because the majority can always change the rules if they get fed up."

Unfortunately, that's hopelessly naive. The idea overlooks the concept that the error may not be recoverable. For example, a charismatic closet dictator could charm the electorate to vote their rights away, allowing for either a forceful coup d'etat or (if they're smart) a slow boil such that the people don't realize they've lost the ability to "change the rules" as you put it.

Charles 9

Re: It ain't me

An interesting thought, yes, but it still raises the problem that elections bring up. Your typical person is not just stupid but too stupid to know he's stupid. What was that saying again? "A little knowledge can be dangerous." And now you want these "know-it-alls" to help deliberate long-term policy? This can't end well. Either they agree on something imbecilic, or the rare smart one in the group finds the charisma to steer them in the direction he or she wants. Before you go about this scheme, you should do something about the median level of education and skills first.

Wannabe Prime Minister Andrea Leadsom thinks all websites should be rated – just like movies

Charles 9

And this says nothing of the modern procedural web where content can be generated for any user on the fly, unique to each user. This makes rating pretty much impossible because no two viewers get the same thing.

PS. Looks like she ended up biting off more than she could chew. She's officially out which means a winner by default.

Charles 9

Re: Regression to the really mean

"The only safe internet is one with a single website. http://www.tellytubbies.co.uk/"

Even THAT one would be dangerous. Wasn't there a controversy as to why Tinky-Winky (a male) carried a purse?

Dad of student slain in Paris terror massacre sues Google, Twitter, Facebook for their 'material support' of ISIS

Charles 9

Re: obviously ...

"Not that such a lawsuit would wn either, but attacking Google et al. is like suing the road builders - without roads these terrorists could never have reached their destination."

Until they start using OFF-ROAD vehicles...

And before we go even further, let's not forget what made the Ho Chi Minh Trail so infamous; there was basically no way to wipe it out, as most of it was simple clearing trails full of people hauling more than arse on foot and bicycles (in neutral territory, even).

Charles 9

Re: Sue the US Government

EXCEPT there's this thing called "sovereign immunity," that is countries CAN'T be sued for their actions unless they LET themselves get sued. Otherwise, as the ultimate authority in their respective countries, what they do goes.

What's holding up Canada's internet?

Charles 9

Re: I really should stay out of this

That's easy for them to say. They only have to cover a space about the size of Illinois, and Japan is only about the size of California. Meanwhile, Canada is near the top of the list in terms of geography. It's bigger than the United States which has its own broadband difficulties (again, partially due to geography; running a high-speed line from New York to LA is tough).

'We shall overcome' net neutrality, sing Euro telcos in the key of 5Gs

Charles 9

Re: 5G

It IS working properly. Problem is, it's also getting crowded. It's like demanding the M25 run better during commutes when the chief problem is sheer numbers of vehicles on it: like trying to cram 13 eggs into a carton only made for 12.

Charles 9

Re: We don't need no innovation

UNLESS the whole business is a money sink (anyone that tries won't see a return on it), which is why they're not investing in it ALREADY.

Charles 9

Since when has a government recently done ANYTHING right, let alone efficiently?

Charles 9

Not if ALL of them realize the price is too high and engage in cartel behavior.

Facebook ‘glitch’ that deleted the Philando Castile shooting vid: It was the police – sources

Charles 9

Re: +1 for live streaming / storage

Hate to break it to you, but there are still bikes, boats, and just plain walking, which you can't take away without putting them in a wheelchair.

It's like with violence in general. Take away the guns and violent people just switch to knives, clubs, and bombs while the suicidal turn to vehicle impacts, self-defenestration, and poison (the three chief methods of suicide in Japan, a country with few guns, but more per capita suicides than anywhere in the west, last I checked).

Charles 9

Re: it is not the guns

""Fight back against the government when the oppress us".

Well, look what happened in Vietnam, Iraq, and Afghanistan. Home field advantage seem to count for quite a bit in a civil war...

Charles 9

Yes, evidence. And a warrant isn't always necessary if the scene is deemed a pursuit (or they can justify it before a judge after the fact: an "exigent circumstance" seizure).

Charles 9

Re: Amerifrica - Live there to see: The US is at 'War with Itself'

It's not guns. It's culture, or perhaps more properly culture CLASH. I mean, look at Switzerland. They seems to carry enough discipline to keep more guns around and still maintain a low crime rate. Then you have far east countries like Japan that can seemingly trust their government enough to keep things in order such that they can get away with tight gun regulations and not be up in arms over it.

Is it the independent streak? The innate distrust of government dating from its origins? Something about the US just seems to make things turn ugly when it comes to public-private relationships. And some of it is so ingrained that people would rather go nuclear than cooperate.