Posts by Charles 9

Re: Pole dancing

But sometimes, you have no choice but to go underground. For example, if you're in a storm-prone (by that I mean hurricane/typhoon/cyclone) area or a very northern latitude where freezing is frequent. Or you're near an airport or other place where airspace is restricted. Of course, if you're in a quake-prone or rocky area or have a high water table, underground is no-go.

Re: Joined up thinking....

Except for one thing. Those wind and solar plants are normally located far from civilization. What good is a fuel station far from all the vehicles?

"...so we'll have to buy a second one as well."

If such trips are infrequent, then you can just rent a longer-range vehicle for those times you DO need to go several hundred miles at a time.

Re: brake-energy-recovery systems

"The cost of server room cooling equipment which can produce useful heat for the building heating system outweighs the benefit of installing it. It's only worthwhile doing if you're cooling more than 100kW"

Plus it's only practical for areas that are cold for most of the year. Any place that gets a lengthy summer (or is just plain torrid) will have the double whammy of a hot server room and a hot exterior that makes it difficult to exchange heat.

Re: @AC

"Of course they are, have you seen how over-priced labour is becoming? The minimum wage hike taking away jobs and a running politician with the express aim of ramping up the minimum wage all over! Were businesses supposed to sit around until this was imposed and then all go broke? Then they would be employing nobody and the owners would lose their income. That will harm low skilled employment but it is public policy not robots."

Ah, but consider what Henry Ford was thinking. Without people working and earning money to buy stuff, where will their customers come from? After all, people without money—by default—won't be paying customers.

Actually, I think, it's currently a case of robotic dexterity. Human bodies have the ability to twist and turn and contort in some pretty fancy ways. Achieving the same dexterity with a robot, particularly a fixed-position robot that has to be able to adapt to numerous different positions takes a combination of mechanics and technology that are only starting to come together.

Re: @AC

Only this time there is a greater fear: the fear that, whatever jobs will be created, more and more versatile robots will already have the leg up on the meatbags. Meanwhile, we're almost to the bottom. Even fast food and retail are looking to cut staff with pre-order apps, self-serve stations, and self-checkouts.

Re: So...

For now. Until the robots come back, this time with the ability to adapt better. They're already working on that part.

Re: "...key hidden away in a secure chip that....without self-destructing..."

Show me one where they fully decrypt an iPhone 5c or later while locked (or better shut off).

Re: due process

Change the firmware without user intervention? When was that demonstrated on a locked phone?

Re: due process

"technically i suppose, if there is a backdoor creatable for one phone, then it could in principal be applied to every iphone (pre the soc encryption) , but i dont think this is the same thing. it can only be applied to another phone if a court decides that it is legal to do so."

The emboldened part is exactly the issue. If Apple is compelled to do it and complies, it opens a can of worms because it becomes a proof of concept. And note that the government cannot really be trusted these days, so once they know it's possible, what's top stop them asking for more cracks, only THIS time using the secret "can't tell anyone you're being investigated as we don't really exist" courts. Not only that, being legally compelled to perform an assertive action (like writing code) provides legal precedent for compelling Apple to lie about any warrant canaries (they could use national security statutes to trump fiduciary duty).

Re: No middle ground...

Beloved by the hoi polloi, not by those up top who only see the Constitution as "ink on a page." The biggest lesson of this age will probably be that representative government simply cannot last in the face of instinctive human greed; sooner or later, either SOMEONE will amass the power to usurp or more than one will and destroy everything around them in a winners take small infinite-stakes bid to remove the competition.

Re: Latest twist:

Nah, I doubt they'd be going for a Known Plaintext attack. Most encryption algorithms are robust against that as a matter of course.

Re: No middle ground...

Aren't we seeing that all the time? Isn't that what espionage is all about?

Re: Just give it to Google....

What about a black-project quantum computer and Shor's Algorithm?

"The whole point of signed firmware updates is that the existing firmware will trust them implicitly. Putting down a signed update that does what the FBI wants is easy for Apple. They have the source code and signing keys."

Ah, but here's the rub. Last I checked, user intervention is required to actually perform a new firmware installation. You can have the phone download and keep the installation without intervention, but because people USE their phones everyday, every update I've seen requires the user to say OK first, and THAT requires unlocking the phone. So now, to turn something said once by Spike Milligan, the crowbar you need to open the crate is inside the crate.

Re: Security hole?

Its a secret. Doesn't matter how important it is, being forced by the State to divulge secrets against one's will opens up a can of worms. Apple's contending ANY compliance will open up another can of worms due to a snowball effect; if they can be forced to do ONE, they can be forced to do ANY AND ALL.

Re: education

But the problem with education is that there will always be that segment that isn't willing to learn. What do you do with the rejects, especially in this situation where the effects of having rejects is amplified?

Re: Encryption doesn't kill people

The point is you're going at it from the wrong angle. Don't take on the tool. Take on the man. A man can switch his tools but can't switch bodies last I checked. But of course, that proves infeasible since "Haters gonna Hate" and a lone wolf usually doesn't become obvious until it's too late.

Re: FUD and nonsense

"Except that, as I understand it, the current high-level security is implemented in hardware so a later version of iOS would not be able to remove it."

True, but what if Apple's compelled to remove the hardware for future phones?

Re: Encryption doesn't kill people

9/11, Bath Township, and Oklahoma City never used guns yet killed more people than any gun massacre in US history.

Re: The reason I block ads

Actually it is. Ad clients will either demand a lower price for less effective work or they'll pack up and move to more effective advertisers. Remember, ad prices everywhere are based on the target size, and for the Internet in particular (where such measurement is actually possible in contrast to passive ads) can be based on the number of actual follow-throughs.

Re: The reason I block ads

Trouble is, unobtrusive ads don't get noticed and thus get ignored and are, to the ad men, wasted. Why do you think static banner ads are so infrequent these days? Because they tend to get ignored. It's been that way for ages. They make new ads, people become innured to them, they have to find other ways to get people's attention. Mark my words, they'll find a way around the ad blockers, probably by cooperating with cachers like CloudFlare (or becoming such themselves) and act as proxies so that the ads are served inline, part and parcel to create a take-it-or-leave-it situation, and by "leave it" it'll probably mean leaving the Internet altogether and going back to the days of the classified ad and the Sears catalog.

Re: Ads becoming a self-propogating virus.

"Now it's like driving through town, but instead of seeing one or two billboards with an advertisement, the entire town is just a giant ad platform with every wall moving and spewing rubbish into your face."

But you see, that's what the ad people are doing everywhere. TV ads are time-aligned so you can't escape them by changing the channel. Street ads are on every single street so you can't drive around them. Soon, inline unblockable ads will be all over the Internet (probably by using a proxy system so they're inserted inline and as a precondition for visiting any site). At which point, the only way you'll be able to escape from the admen is to go primitive. The only way to avoid TV ads will be to turn off the TV, the only way to avoid street ads is to stay home, and the only way to avoid Internet ads will soon be to stay off the Internet. IOW, it'll become the price of admission: go or no go?

Re: Hahahahahahaha

What if the ad folks become proxies and insert the ads inline, much like how modern product placement can replace sponsored products between runs of a show? Because the ad people are now between you and the content, you can't block them without blocking the content, too.

Re: compromised

"I can fully understand taking down the website as a reaction to this, but surely the best form of action would have been to post some sort warning notice to visitors along with the instructions of using MD5 or SHA. Anyone can come up with a basic web page the apologizes for the downtime and warns people of the fake download."

Because the WEBSITE was hacked. TWICE IIRC. Meaning ANY notice you put up would be promptly removed. In fact, you may end up tipping the hackers to post THEIR OWN instructions on using MD5HASH and so on...only with all the hashes replaced with THEIRS.

Re: md5?

"However, my point that sha1 let alone md5 is frowned upon still stands and doesn't bode well for mint when they don't even use sha1."

It's a compromise. MD5 may not be the best tool in the shed, but for now it's still useful against preimage attacks, it's standard, programs to do it are literally everywhere, and among standard-bearers like SHA, it's the fastest of the lot. And since hashing something big like an ISO takes time, especially with underpowered computers, that can be important in terms of actually using it (for hashing the Nandoid backups on my phone takes nearly as much time as the backup itself—ARM chips have a reputation for being thrifty but wimpy).

Providing an MD5 hash in combination with other hashes allows the user to make the conscious decision to take the quick-but-less-safe MD5 check or opt to use one of the other signature checks, either instead or in addition.

Re: md5?

Because although it's relatively easy to locate collisions with MD5, it's still tricky to perform a preimage attack against an MD5 hash (Given X', find Y such that H(Y)=X'), particularly a second-preimage attack (Given X, find Y such that H(Y) = H(X)) which is what you'd need to pass malware off on an ISO while still having the same hash. Anyway, many repos also offer SHA1 hashes as a secondary method, and it would be a computationally astronomical feat to be able to succesfully second-preimage attack an ISO that has BOTH an MD5 AND an SHA1 hash.

Re: "I feel sorry for the guys over at mint, they made Ubuntu usable."

Or they could be housed in countries hostile to the LEOs, meaning they can't be touched in any event.

Re: Apple is mostly right

"You portray Apple's position as black and white, but it really isn't. Apple is being asked to spend their own money breaking into their own OS. No matter what they do, there'll always be *some* attack that can work against even future phones, even if it requires taking the phone apart atom-by-atom."

Even if there's a self-destruct mechanism? There IS such a thing as a one-way mechanism, meaning one CAN physically render a package impossible to open without destroying the contents first.

Re: America Is Safe

Moonshiners also know they have to keep a low profile. And the best way to keep your still secret is to stay low-tech. No power, minimal fuel, equipment easy to conceal or, as a last resort, rebuild. Anyway, the nature of the beast restricts the level of increased efficiency a moonshiner can squeeze out before something else chokes up the process (usually mash or water supply).