Re: 'tis the Merkin way
There's at least 4 here
2156 publicly visible posts • joined 4 Jul 2009
> Am I missing something, but apart from the packet header, if the contents are encrypted then it does not matter if it is being snooped or not. The sheer volume of encrypted data passing through each device would be sufficient to render on-the-fly decryption impossible, and finding anything specific to decrypt would be like finding a needle in a haystack in a hurricane.
It's probably relatively easy to filter out a specific user's traffic for a given identifier at the access network - but you need to know which temporary identifier a user is using which requires some smarts, either in sniffing more signalling (and possibly exploiting vulnerabilities to get at decrypted signalling packets), or with cooperation in the core network (i.e. the MME telling you the TMSI for a given IMSI). All you need to do then is header inspection to identify packets of interest.
You don't need to decrypt everything if all you're interested in is one person
> True, however an antenna, an amplifier and similar devices simply can't snoop without it being incredibly obvious to even the most hamfisted and blind installer that it's designed to do that
The hardware is *designed* to snoop in that it has to receive and transmit signals on designated frequencies associated with the mobile traffic for the operator - it's the software that does the snooping and there is a *built-in by design* function to do this called Legal Intercept which allows for the lawful interception of traffic for a specified set of IMSI's or other identifying information. The ability to do this in the access network is somewhat limited as the user data is only seen in encrypted form at this point, however I'm sure an edge-compute node will get specified to do the decryption in a trusted manner at least.
What everyone is instead banging on about is the concern that backdoors into this functionality is baked in to a vendors software - Cisco are known for it, so it would not be surprising (to those in the intelligence community) if other vendors also do it. However, such messing about will be tricky as the infrastructure involved is ordinarily walled off within private networks that *should* be security hardened, and it *should* be detectable when such interference happens.
It is probably a storm in a teacup, but I'm not entirely sure how big the teacup is.
> improving connectivity for (buzzword alert!) IoT.
That may be part of it, but another major use case (possibly higher up the list than IoT shite) is to provide domestic broadband as it gives the opportunity to have decent data rates to fixed antennas on properties (probably requires the homeowner to mount a decent antenna on their property, and then route that to an internal wifi router, but that's probably cheaper than laying FTTP, and should get better data rates than long-cable DSL)
> Large cells mean lower capacity, as the capacity of every cell is limited.
Incorrect, large cells mean covering larger number of users, therefore more contention and lower service levels for each user. The capacity of the cell remains unchanged. The quantity of potential traffic to be served by a cell is what changes with range (and population density), and operators try to balance that to get maximum ROI for each cell without impacting performance to each subscriber (for a given value of acceptable performance which may vary per operator).
> No pigs were harmed
and
> The robotic catheter managed to navigate to the right position 79 times out of the 83 trials carried on five pigs
In the 4 that failed, what was the clinical outcome?
Very interesting, though, and I'm sure a fleshy human would find it hard to have that success rate on a beating heart
>There's practically nowhere you could plonk down a tower that wouldn't cover at least a few people.
Yeah, but if you plonk it too close to one of your other towers on the same band, you'll get interference and user experience suffers, and if you plonk it too far away then all their calls will drop when they move about a bit.
Plus, you also need to plonk that tower down near power and backhaul infrastructure, and get planning permission to plonk it in a nimby's backyard.
It's not entirely trivial to do all that, you plonker :)
> GiffGaff: Very easy/low commitment to give it a try.
>Even better: When you do, you find out very quickly that the bandwidth available to data is absolutely appalling
And there's the rub - shopping around for a deal with an alternate provider can net you a good deal on the face of things, then you start using it and find out you would probably like to go back to your old provider but find they won't let you back in on the same deal.
Other utilities are comparable - switch leccy to a "budget" provider, and your voltage doesn't drop to 200V AC, you will instead get the same "service". The problem with switching mobiles is that it is difficult to try before switching or compare without having 2 phone contracts running in parallel, and every location in the country will have a similar problem.
It would be nice if there was legislation saying "if you leave your provider but want to come back within a certain short time window because the alternates you are trying are crap, you should be able to come back on the same contract, with the same perks as when you left" *
(*) Happy to be told I missed out on an important announcement and given a link to news that says just this!
> I would hope that someone at Hertz kept a journal of all the Accenture powerpoints promising how wonderful the website would be and progress against milestones...
That would be "sales collateral", and probably not admissable in court as all sales material is generally labelled as a work of fiction. Dated, reviewed and signed product specs such as those listed in the article (responsive design, non-PDF documentation, etc...), plus emails/server logs showing transfer of those materials to Accenture, are much better
I think most large consulting or software dev houses do something similar - it's just the classic bait & switch. Put your most competent people front of house for sales pitches & initial bit of work, then move them on to the next pitch asap and replace with your cheapest employees (not that you change what you charge). I've seen it so many times, and most times the relationship between the companies is so weakly worded that the consultants can get away with it. It looks like in this case that Hertz at least has some good documentation showing that Accenture fubar'ed the work, so I hope they win their day in court and take 'em to the cleaners.
Meh - it's still probably got loopholes glaore. 5G is gloriously distributed computing, so Huawei can probably classify something as RAN that can hoover up all sorts of data - MEC platforms in particular would seem like something they would focus on, as they can do RAN functions and don't need to sit in the traditional core.
> How many people are piping their gigabit FTTH into enterprise class routers and sticking with wired connections? Not many.
My router doesn't need to be enterprise class, but my connections are wired (apart from phones and tablets, natch) and I demonstrably get my FTTP speeds (100mbps up and down, other higher rate packages available) at all times on those devices.
The main reason CityFibre et al are "whining" is that they try and differentiate themselves from BT, which sells "fibre" that is different to the true fibre they are offering - so folks might say "but I already have fibre" when comparing, even though they don't.
Whether they need fibre is another question, but hey-ho.
I wasn't trying to imply the Justice was bent, merely that commercial interests weigh in on both sides of the argument.
IANAL, so yes, I have no idea what a Court of Justice is for, or what the requirements for bringing a case to them might be, but I do still hold out hope that truth in advertising will prevail, and FTTC can no longer be conflated with FTTP.
> The judge dismissed Cityfibre (and Hyperoptic)'s legal arguments in part because "it would suit their commercial interests if that were the case".
And in whose commercial interest is it for the judge to rule this way. It should be no issue that there is a commercial interest in a ruling, the ruling should represent what is correct/fair/just, and this sure as shit doesn't. In practice, anyone can now be sold a "fibre broadband" product with wet-string at the consumer end because at some point their traffic is nigh on guaranteed to transit a fibre link.
Source: http://news.met.police.uk/news/update-arrest-of-julian-assange-365565
> This is another one of those situations where the rest of the world stares open-mouthed in disbelief at how America does things
True, but should this legislation pass, how long before the lobbyists money starts trickling across the pond?
The whole Making Tax Digital thing on VAT as a case in point - HMRC won't produce free software to do the submission, and is closing off the rather simple VAT return portal to those businesses that have to switch to this scheme, and will roll it out to everyone, and will then increase the scope of it to include uploading individual transactions.
Perhaps this will decrease VAT fraud (e.g. the carousel crowd), but at what cost to both HMRC and to UK plc (and what benefit to corporate accounting software houses)?
Are they replacing blocked ads with their own vetted ads yet (at least that's what Wiki says they want to do)?
Not trying to bash them, as have not tried it - I'd be interested in a non-Google browser that synched various things (e.g. form fill data) securely between my phone and PC (which seems to be a Beta feature of Brave at the moment). Vivaldi doesn't seem to be available on the phone
> Why produce TWO passports?
It's moderately common among business travellers - one to be sent off for a visa for trip N+1 while away on trip N. Alternatively to stop a country from seeing you've been somewhere they don't like - e.g. it used to be the case with Israel and some Arab nations, although I've heard now that Israel puts the stamp on a piece of paper stapled into your passport, which can therefore easily be removed.
The reporting on this data is a bit iffy, imho. While I agree that there is a job-specific gender pay gap in the UK job market, this data set does not compare jobs at all, but instead reflects only on salary of all employees in a company.
What the data implies more is a job-disparity, perhaps partly reflective of all those male baby-boomers being in the more senior positions (due to being the ones with the experience to do those roles, due to historic (and probably continuing) sex-discrimination), and thus earning more than those in the junior positions.
It will take time to achieve pay parity in this data set, as it requires the under-represented female gender to achieve job-parity to be a true comparison between the genders. When there is an equal number of women and men in each position in a company, then this metric becomes valid, until then, continue the fight to ensure that women have an equal opportunity for each job (as well as the corollary of having the same pay).
One of the frequent examples called out (at least in recent times) is the disparity between male and female pay at Tescos, which is brought about by their warehouse staff earning more than the shop-floor staff. Guess what, there are more men than women in the warehouse, and more women than men on the shop-floor. Within each category, the men and women earn exactly the same. Whether the warehouse job has more value than the shop-floor job, I cannot say - but it does to Tescos. I would also hope that at the very least the rate of application to each post from each of the sexes is reflective of the balance of the sexes in that role (e.g .if the qualified applicant rate for a post is 60% male, 40% female, then perhaps that should be the ratio of m:f employees in that role).
It's a complex area, and I think this dataset inadequately represents the extent of the problem.
It's fairly common for the core to be one vendor and the RAN to have more than one other vendor - IOT (Inter-Operator Testing) takes care of that, and it's in the vendors interest to do this properly even if they'd like to have the complete network footprint as a sale.
What normally happens in the RAN is that an area is defined as "here be Ericsson", and that will be their footprint. Messing around with that paradigm is folly, as the performance statistics of one vendor will not necessarily equate to those of another vendor, therefore you'd need to expertly merge that data to properly understand what your network is doing in an area with multiple vendors.
There are some standards defined performance metrics (TS 32.403. IIRC - that might be the UMTS one, anyway), but they're possibly not the most informative stats for network diagnostics. It would probably be quite hard for a RAN engineer to trace issues as the user(s) experiencing those issues move between vendor sites.
> I had no idea what was going on in the black box. Nor do I know if I could trust it
The crux of the problem with AI/NN. There are a few tools around that attempt to give insight into this (IIRC, there was one that illustrated what features of an image a NN was using to classify cars moderately recently), but even these aren't the best indicators and I didn't really gain a sense that the indicators were meaningful - e.g. there was a wolf / dog classifier trained on a large number of images, but it turned out it was learning on the fact that all the wolf images in the training set had a snowy background.
It's the inability of the NN to tell you what it is doing, plus the high risk of innocuous biases in the training data that will lead to many failures in NN deployments, and I would not trust it to do anything remotely safety-critical until this is addressed.
Saying that, there are probably many cases of the brain behaving in exactly the same manner - in how many cases for this experiment (or any other human vs AI experiment for that matter) could the individual enumerate precise reasons why they classified a voice as fake/real? Sometimes it's possible, for sure, but other times it's more arm-waving
I believe there are devices that exist in optometrists that do something rather similar based on measuring the curvature of the eyeball - at least to get to a ballpark prescription that can then be fine tuned with the weird Clockwork Orange glasses and "is it better with this lens, or this lens" questionnaire
Average cost of a pair of specs in the US is $253 (as at 2011), and £148 in the UK (from 2005). IIRC, manufacturing cost is around $7-10. Several online companies are trying to break the stranglehold Luxxotica (and a couple of others) have, but the main problem is you still need to go to an optitian to get your prescription and you ideally need to get one to fit the glasses to you.
Glasses are all made in one or two sizes, generally, so that adds to the problem. Would be interesting to see more on the fitting process that North uses....
Also, what load is the 60m mast rated and, and what is the effect of adding a bunch of antennas and cable to that?
Equally, what space is available at the bottom to install cabinetry for the main bit of electronics that makes up the base station?
How far is the nearest access to fibre backhaul?
If the site is only accessible over private land, what are the access rights?
The list goes on...
Who'd have thought - here in the UK only the applicant can appeal a planning decision (source), whereas people who commented on an application can also appeal in RoI (source). Much more sensible over there (although perhaps it may add rather a lot to the administrative burden with all the NIMBY's in the UK).
Good on him, takes a lot of work to go up against expensive planning consultants
> I don't understand the article as an American
In the UK, when businesses buy something for use in the business they still have to pay the VAT (a sales tax). Roll all the VAT charges of stuff bought, and call it amount A.
That business then sells something (product/service) to someone or some other business - they then charge this tax to their customer. Roll all these taxes up and call it amount B.
Some items are exempt from VAT charges (e.g. train tickets when you buy them, bank fees), it's not completely trivial to work it all out, but it's not rocket scientist and a lot of folks just build an Excel spreadsheet to do it for them
At the end of every quarter (or possibly annually), the company then pays (receives) the amount (B-A) to the govmt (or receives a refund if it's negative).
Currently, the online tax return form has at most 7 numbers to fill in (to also account for sales to/purchases from the EU), and it's a piece of piss to log in to the govmt website, go to the "Submit VAT return" area, fill those numbers in, and click Submit.
Govmt, in its infinite wisdom, are "Making Tax Digital" by insisting on building a moderately simple API into this, not providing software that uses it, and trusting "free enterprise" to provide these tools to businesses to submit these returns - as part of this the manual entry method will be closed off to businesses. This is particularly painful for small businesses as it potentially adds further accounting charges to buy/maintain software that provides access to this API, when it's just a simple task anyway.
Also, this is probably just the start of a "modernisation" of VAT reporting - currently it is only mandatory for companies with revenue over a particular threshold, but it will eventually get rolled out to every business, and I wouldn't be surprised if the reporting requirements eventually expand to actually submitting your individual business transactions to the govmt, rather than what is effectively summary data.
All this in the name of "making it simpler for business, with lower likelihood of mistakes" (it isn't), and "making fraud investigations simpler" (I can see this if the auditing tools were developed well on the solution with all the transactions uploaded, but equally I can see them being completely fucked up and falsely identifying loads of folks as fraudsters).
But you'll end up with a massive govmt database of every business transaction, which of course could never be abused...
MTD is still a complete fluster-cuck. Having to buy in (*) something to fill in 7 numbers on a web-form seems pointless, particularly if you close off the alternative method of "just log in, click on 'submit return button', transcribe numbers from spreadsheet, check 'em, and then click 'submit return'".
Why could they not just release a simple Excel plugin that adds a new sheet to your spreadsheet with a fixed format, asks you to select where the data comes from on your spreadsheet, specify your login credentials and then gives you a "submit" button in Excel, I don't know (and even this would be a pain in the arse as I bet it wouldn't remember the credentials for security reasons)
(*) free stuff is out there, but I'm guessing the non-trivial businesses will just eat the slightly increased subscription to their accounting packages/people to have the API integrated