Posts by streaky

Re: For the want of another IP ...

The majority in some demographics are still using non-SNI compliant browsers (notably XP/IE8)

What demographic, is it actually true even. These numbers are based on estimation rather than direct measurement.

I own a site that's used heavily by normal people in South America, Africa and Asia; if it was salt measurements on a packet of crisps it'd say "trace". Even directly measuring this stuff is sketchy; < 1% of my IE users are using version 999.1.

999.1; let that sink in... That's measured by JS not the UA string.

Even if any of this is relevant it doesn't mean it's actually sane to pander to these people. Most people on XP should expect they have a serious security problem anyway and use Firefox/Chrome/Something Else.

Re: Innovation, Invention?

aren't capable of anything more than buying other companies

They've made it pretty clear they aren't even capable of doing that competently, or at minimum integrating the company competently, anyway.

Re: Official Title

This rag-tag army of 30,000 medieval butcher bastards is doing a pretty good job of avoiding complete destruction by billions of dollars worth of western might

Probably help if the "west" was actually trying to end them. It's literally a 3 day job if they used an equal amount of air power and just went to town on them.

They're rabid animals that need putting down regardless of the competence of the war against them.

Re: FATCA

you might want to read up on tax treaties, the US FATCA legislation means that the UK is already committed to reporting on any US relevant tax data in a format requested by the US.

From a legal perspective companies within the UK are required to report these transactions to HMRC who then provides them to the US IRS.

*facepalm*

Re: Growing up is tough

think like Bash, but more modern / powerful / secure / more fully featured / parallel executing / object orientated / multiple data type support, etc. etc.

Shame Microsoft still can't make a console you can just drag to resize.

No really, powershell might be (and might not be for a long list of reasons) more useful than bash, doesn't change the fact Microsoft hates text consoles. They might foist it on people but it doesn't make it any better for the average windows admin in the same way as a bash shell on a linux server does for an equally competent linux admin - and it won't change 20 years of corporate culture of being all about the GUI. The windows registry is one of many symptoms of this problem.

I say this as somebody who manages servers with both, and has been managing windows systems for hitting 15 years now - they're not comparable precisely because of the way microsoft buries configuration. You need a GUI just to have clue what is going on. Sure you can manage a farm from a single server but you can with linux too, this isn't something that helps most people.

That said - as I said as long as it's installable, preferably from an unattend one way or another; it's mostly irrelevant anyway.

Renting and streaming games works great for... well... no-one

I'm not so sure this is true, it kinda makes sense in the console space, in the PC gaming space it makes no sense at all though.

Re: Take GCHQ's crown?

I don't really blame GCHQ they're going to keep asking for more powers and more money, it's for the civilian oversight to make sure they're behaving and are limited in the things they're allowed to do especially against perfectly innocent citizens. That's why you vote Theresa May, the biggest threat to democracy and freedom since Hitler, and parliament for their complicity/bit part.

Re: How many of you Windows user will be...

consumer OS licensing revenue is not as important as it used to be

To be fair I'm pretty sure it's a major deal for Microsoft and shareholders are going to take some convincing.

As for parties, OS works, get on with it.

Re: "close a capability gap"

The capability gap argument is bullshit you're right. The ability to monitor phone "metadata" as they say only exists because the data is held for billing purposes - once you create the data it's arguably fair game for law enforcement.

The records of who people are emailing, and who and what they're tweeting and something something facebook both doesn't need to be held for billing and is encrypted anyway. This means to trawl through this data you actually need to do two wholly new things - have companies track/record packets and probably somewhere decrypt them.

That's not a capability gap caused by technology, it's a capability gap caused by phone companies pretending we still use mechanically switched telephone networks and ripping everybody off.

If they need to see somebody's comms they should have to require access on an individual basis like they're supposed to do with phone lines because that's the equivalent - they ARE looking at content, the "metadata" IS the content which is precisely why it's so useful if you're going on a fishing expedition. Also, it shouldn't be admissible in court like other wiretap evidence for the same reasons (it's actually not anyway, courts won't have it, but it should be made explicit in the primary law).

Re: Stallman isn't my cup of tea

without him things WOULD be very different. MS would be squeezing our private parts even harder than they are doing

On day one I'd agree with this, many years later both he and the FSF are (and I admit this is counter-intuitive) active barriers to adoption. He scares companies away from Open Source - and the problem with that is most funding for OSS comes from, remind me where again..

Not for nothing but most of Root Mean Square's fanbase is in people who don't write OSS code, those of us who have and do, generally, tend to hate him; often with a passion.

He rubs me up the wrong way because he believes that as a software developer I shouldn't be allowed to own any intellectual property around any true invention. That friends, is completely batshit. Most of the stuff we take for-granted only exists because of the intellectual property rights of people who invent things. He might be a reaction to the US' broken patent system, but that doesn't excuse it. You fix the patent system allowing trivial "invention", not aim for the stone age.

If programmers deserve to be rewarded for creating innovative programs, by the same token they deserve to be punished if they restrict the use of these programs

-- Guess who. Remember this guy lives in a world where people need to acquire housing, clothing and food.

Re: An excellent example ...

currently hospitals in Athens are running out of painkillers and money to pay nurses

That's because of German-imposed spending cuts, not because the country is actually out of cash. Not for nothing but I don't understand how what you're saying if true doesn't start a civil war but I better stop before I get labelled an extremist by our fascist overlord awesome Tory government.

Re: @ Stuart Longland

Perhaps they should code name the next chipset in development Чёрная Молния (Black Lightning)

Pretty sure you mean Cocainum.

Re: Should be simple enough

It is simple, "all of it" is the answer.

Re: In other words...

Fines are never the answer

They're not the answer but if they're big enough and often enough they might be enough to prevent people cutting corners short term. What I'm saying is they're not going to suddenly secure every system in the country but they might help drive investment in competent persons and stem the security brain drain and outsourcing.

Re: Trey Ford of Metasploit maker, Rapid7 is like the pot calling the kettle...

In what way is it questionable to watch how your kids are abusing your computer?

Devil's advocate: probably because spyware isn't a good replacement for a babysitter. If your kids aren't able to deal with technology for age-related reasons they probably shouldn't be using that technology unsupervised.

As for employer/employee relationships, people need to get a grip and not work for companies that do that.

Re: Old news

I feel that Boeing and Airbus are doing everything they can to cover the situation without fixing the issue

I'd lean towards agreeing with you, there's something about this story that doesn't add up. Either safety critical systems can be compromised this way, or they can not. The end.

I believe that flight MH370 was compromised in this fashion and is a reason why the investigations are being hidden

And then off the deep end. You have to find an aircraft before you can investigate what caused it to crash. It wasn't aliens, it wasn't Bin Laden. Shit disappears, it's a big ocean, relax before you have a stroke.

Re: Don't knock it

I'd take air miles, the problem is the requirement of having flown with them before...

Edit: apparently you can just sign up.. http://www.united.com/web/en-US/apps/account/enroll.aspx

what's the impact if we ban/deport immigrants

Very few people are suggesting that immigration stops. The key here is rather than having to support low-hanging-fruit (and it does exist) we can import more stuff from the top of the tree. Immigration might be the same as it is now, but you'd hope to go out and attract more talent.

Not for nothing the idea that all sorts of generic movement/trade barriers would go up is absurd - at the same time we can do things like go for easier to negotiate free trade agreements with the US/China et al that are less comprehensive and not have the trade barriers to - for example - buying cheap solar panels from China instead of having to overpay for them from Germany.

Re: "the SFO gave up"

Are YOU serious?

To once again quote Mr Worstal, where there's Autonomy, there's a whiff. Nothing solid (yet), but having SFO staff investigate Autonomy business practices is a bit like having ex-policemen investigate complaints against the police. IE overall it's unlikely to be convincing, even if they come up with the right answer. Justice has to be *seen* to be done.

You still haven't explained where the conflict of interest is here. If the SFO is going to lean either way it's going to be towards HP's views given who is in control of the software in question.

It's easy to heckle and lob abuse from the AC cheap seats, you're just doing exactly what HP is doing, making accusations with nothing backing them up.

Also by the way - justice being seen to be done, are you seriously suggesting that Autonomy's former management should be prosecuted just because they're people in a position of profile and it'll make you feel better despite, ostensibly, doing nothing wrong?

Per the SFO, and I see zero issue with what they say:

The SFO uses an HP Autonomy product. Throughout the investigation we have kept the potential for conflict of interest under review. Such a conflict of interest does not exist, nor has it ever existed, and the matter played no part in any decision concerning this investigation.

It is, in fact, a HUGE leap to say the SFO will lean towards the people who are no longer involved with the business. It's just absurd - and even if it wasn't they're not the only people looking into the case regardless.

Re: Action. Counteraction.

unless they come from Google

Faulty assertion made on the assumption that Google isn't going to change their certs. Protip: they are.

Re: Clever engineering

I thought the discussion of FOV was a bit cheeky of 'reg actually - they know full well it's a dev product, and increasing the coverage is just a question (most likely) of fab which I'm sure they're thinking about. Can't see how they will let a product crash into a wall just for that.

Some people won't make the connection is why the article bothers me a bit. Truth be told I'm not even sure the reg hack concerned did given what was said.

Re: Fundamental Flaws..

So nothing to see here, move along.

Either way the point is server maintainers shouldn't find shits to give.

Re: Hardly a bug, is it...

If people who get tattoos and buy Apple watches are plonkers squared, what are they if they are also men wearing said watch on right wrist? Plonkers cubed!

Re: Oh Please! This is worse than 3D TV

not really 3D

Remind me how you perceive 3d objects in 4d space with your 2d vision again. Oh, that. What IS 3d? How do you define real, as Morpheus would say. It looks 3d, the rest is bullshit and people trying to look smarter than they actually are.

I'd just rather go active/capacitive on principle. If you need this you probably already have and this is likely to be the fatal error with this device - at least give it a proper stylus rather than suggesting people use pencils..

Re: The cynical part of me...

What a bizarre view of the world.

It's not a wildly unreasonable assertion. Who is going to come out worst from a system that relies on internet-based individual registration that requires some form of id, hint: they're not rich and living in Kensington and they're not very likely to vote Tory anyway. If there's a huge hole in support for non-Tory candidates where there shouldn't be one because people are being turned away at poll stations candidates in the final election tally there's a fair chance of the courts nullifying the outcome, and that's going to be extraordinarily expensive.

Personally speaking I make sure my credit report is correct and I have a recent passport so my registration went through very quickly but the holes in the thing are glaringly obvious.

Re: As much as an MS fanboi that i am,

It does somewhat rely on the HV itself being secure, which they commonly aren't. I'd suspect all that's really happening is a raising of the competency barrier required to insert malicious code into the kernel - which might not actually be a bad thing, what's probably at question is the extent to which it's actually a good thing, or rather how competent it is.

Re: I've never known the police get uppity...

Police aren't the problem in my experience, it's usually private security who don't know what the fk they're talking about. I do a lot of photography around Canary Wharf and in London. Police show up you generally tell them to tell them to do one and they oblige.

And trust me I have plenty of photos of the police, for example the one on the header of my twitter profile. They've never asked me not to once nor used threatening behaviour.

Re: startls

The problem I was told was that it if the TLS negotiation fails it can fall back to unencrypted silently so you think that your protected but aren't

Depends how clients/servers are configured. Indeed the STARTTLS RFC explicitly states that it shouldn't fail silently. Real world however..