Posts by Charles 9

Re: I wonder how many people who commented on this article....

He's saying Google and Android are part of the problem. IOW, people using Android mobes to comment on invasions of privacy are basically hypocrites.

Re: Civilisations?

But did any of those past civilizations have the power we have today, where a chosen few, if the need arose, could easily eradicate a few million people without much in the way of outside assistance? How would the oppressed masses feel if even their combined might were no match for, say, a nuke in their backyard? Even worse, what if these oppressors felt, in the final analysis, if they couldn't win, then MAD would be considered preferable to ceding power (Death Before Dishonor)?

Re: Industry pressure

Markets can't self-regulate because markets are run by humans...and humans, in spite of popular belief, default to irrational behavior. Essentially, they run on emotions first and logic only when the former doesn't get in the way. It's for this reason that things like lotteries (that play on inherent optimism) can make a killing. It's why you have runs on the bank and panic spikes.

Re: It can't happen to us...

"The fact that they chose to ignore the warning is purely indicative of stupidity, payola, incompetence or whatever but, now that the FBI, Department of Defense and others actually have had their fingerprint database stolen, how confident do you think they will be in the next snake oil salesman?"

Probably just as confident as they were last time. The people making the decisions now probably weren't the ones who made the decision when the fingerprint scanners appeared, have been lulled into complacency, and will willingly make the same mistakes again, banking on persistence paying off before insanity hits.

Re: Easy to bitch about other people's work

But in each and every one of those scenarios, there's something between the IT and the life involved. Since IT is mostly nonphysical, it's hard to DIRECTLY pin the blame on the IT to the point the average joe has no recourse but to blame it and nothing in between.

Re: Be careful out there kids....

"You mean something like this?"

Even that's going to be shaky. See, with IT you're mostly dealing with virtual, non-physical things. There's always at least one degree of separation between IT and your life. In this case, faulty compilation, not a flaw in the code itself, was the primary problem. It could also be one of a hundred other things between the code and the life that proves the linchpin. Yet it has to be that DIRECT connection that will make people pay direct attention to the actual code enough to make it matter.

Re: Nice idea

"That worldview is fucking appalling."

It's also the only one THAT ACTUALLY WORKS. Welcome to Reality. Why else has no other beast on Earth tried what we're doing?

"Jesus H mother of goddamned donkeyfucking christ, what the hell happened to us that we've forgotten so much, so fast?"

We've come to the realization that, in the final analysis, it's every man for himself. Nice guys finish last, and if you don't pass on to the next generation, you might as well be whizzing in the wind...

"If my country follows, it too won't be fit to call civilized either."

So what happens when ALL the countries fall down the slippery slope? Are you willing to say then that civilization as a whole is a failed experiment against the baser instincts of humanity?

Re: RE: In civilized countries

"suitcases of campaign contributions" - BZZZT!

You broke what wasn't broken. That's just the carrot. You forgot the stick of, "Do what we demand or we'll take our business (and our taxes) someplace friendlier to us!" How else do you think oil companies can get such generous tax terms except because 10% of something is better than 100% of nothing?

And I disagree on the disagree. It's happening EVERYWHERE; you just don't see enough of it on your side yet, but it HAS happened, it IS happening, and it WILL happen, inevitably, to every civilization you see. Yours just may not be that far along, but it will be soon enough.

Re: Nice idea

If "Following Orders" is the only way to put food on the table, ethics kind of takes second priority.

Re: Be careful out there kids....

"We probably need a large scale disaster, like Seveso in Europe that lead to the EU Seveso Directive for chemical plants safety"

People won't pay attention until their lives are in danger. Think of all the regulations that are in place in other industries. Nearly all of them came about because someone DIED or was SERIOUSLY HURT as a result. It's about the only motivator that matters. But since IT deals primarily with virtual, non-physical matters, it's going to take something truly extraordinary to pin IT on a death.

A civilized shithole, and the inevitable result of civilization if history is any indication.

Re: Nice idea

"Or maybe you just want to wait until the price of individual selfishness and cowardice on behalf of developers is measured in bodies."

About the only way you'll make people care is when you can directly pin security faults and so on to people dying. That's what it took to mandate seatbelts and airbags, recall cars with explosive gas tanks and ground faulty airplanes. Nothing less will do.

"Engineering in civilized countries functions this way. It's time to apply this to development, and IT in general."

But in really civilized countries, the executives have the legislature's ear with carrots and sticks, blocking such efforts. What then?

Re: "I know where your personal details went "

"Or, perhaps: "which corporation has leaked or sold your personal information today?""

What happens when the answer comes back, "ALL of them", and you're faced with a desperate need to put food on the table? Principles are tough to defend when you're starving...

"Some form is biometric device is far preferable."

But what happens when someone copies your biometrics and steals your identity?

Re: @Charles 9 - This from a security team!!?

"I lean towards the 'sack them for undermining security' solution, rather than weakening overall security to make their lives easier."

Which quickly gets reversed when you learn the one demanding the relaxation is ABOVE rather than BELOW you.

If your reception is so bad even an SMS is hit or miss, you basically don't have a practical second factor to work with, which means you're SOL.

So that leaves a big unanswered question. How do you do 2FA when lots of people don't even have a second factor to work with?

Re: This from a security team!!?

But you also have to consider the secure-vs-easy scale. If you try to make the second factor too onerous, people will say, "Sod this!" and look for shortcuts; failing that, they'll abandon the whole works. How do you do secure in such an environment?

Then you're not working from the inside of an enterprise. Many enterprise units contain control sites that require Flash or other compromising features just to operate. And since these frontends are attached to highly-expensive, usually-still-being-amortized hardware, you're never gonna get the bean counters to put up for replacements.

Re: I wonder what the commentariat of this site are going to do

Just search "exploding iPhones" (all of which are sealed) and you'll get a laundry list. I recently swapped out the battery of my S4 after over two years because it was starting to bulge dangerously, so I can speak of the dangers firsthand.

No, the OP says they work at contactless range, up to a few inches. Cassette adaptors only work at contact range, right up against the playback head. I've broken open a few of them myself to see how they work.

Then the phones can use THAT. That's the point. Anything that can take a stripe can take this.

So if an American with a Chip card comes along, the retailers are SOL?

Contactless took a slide due to retailers wanting control of the transaction. Only when Apple Pay came along did it start a comeback because the retailers didn't want to snub Apple and its loyal base. As for Chip and PIN, the transition's in progress. Many retailers have installed Chip-readable terminals but haven't turned the readers on yet. Mostly it's the third-party readers that can do it right now. BTW, most of these new terminals can also do contactless, but like the Chip reader, most retailers leave it turned off on preference. As for a phone emulating a Chip card, the physics of the reader and the design of the cards will likely preclude integration.

PS. Early experience with the Chip notes that using it is slower, especially on low-value transactions, than the stripe, which may turn off some people who already have zero-liability on small-ticket (no need to sign) transactions (as do the retailers).

"No doubt that this has been patented, even though it's the same technology used in those line audio to cassette tape adaptors we all had in our cars before in-car CD players became the norm ten years ago."

Actually, cassette adapters utilize heads similar to those used by the playback, except they're used in reverse, to induce magnetism in the heads instead of detect them. Crack one open and you'll see it really isn't all that complicated. About the only things inside are the induction head, some electronics to convert the line-level audio in to a level comparable to that stored on tapes, and some takeup mechanics to ensure the player's on the correct playback side.

Re: I'm thankful I don't live in the US

You ever thought the callers are actually kinky enough to get off on their own drivel?

Re: A general problem

And if they sell direct to international customers over the Internet?

Re: Bright side

"Fit for Purpose" laws can trump contracts, even ones with "No Liability" clauses.

Re: "it needs to push carriers to push over-the-air updates promptly after fixes become available."

It's more than that because of the automatic negotiation and the fact they can tie it to your existing number: something IIRC SIP can't do.

Re: Radio is so 20th century

Actually, you'd think what they want is masers (substitute light for microwave). Thing is, tight-beam communications on mobile bases suffer a huge drawback: the need for steering.

Re: You beat me to it

"...is there really much evidence that we could do worse than ICANN without actively working at it?"

Ever heard the phrase, "the worst thing there is with the exception of everything else"? There's a distinct chance, given the bureaucratically-charged power-grabbing atmosphere, that this is the least worst possibility on offer. Anything truly beneficial will never be backed, and anything that will be backed will be corrupt as Hell. So what's your choice?

Re: Another Option?

Unless the solution that appears is even worse. And to top it all off, if anything other than ICANN were to take over, the end result may be a fracturing of the Internet standards. After all, if the US loses control of the Internet standards, might there be a mad power grab in the vacuum left in its wake?

Re: Munitions

Yes, but the restriction was lifted when foreign encryption standards outside of US control caught up, making the whole exercise meaningless.