I've never known the police get uppity about being filmed/photographed. Sometimes about what they're near but not themselves.
It's all evidence regardless, always remember that if they ask you to delete things..
Posts by streaky
1745 publicly visible posts • joined 5 Jul 2010
Page:
Transparency thrust sees Met police buying up to 30,000 bodycams
Lack of secure protocol puts US whistleblowers at risk, says ACLU
Friday 17th April 2015 12:14 GMT
HTTPS-Only
There are a growing number of parties suggesting the complete deprecation of HTTP and transition to a web entirely based upon HTTPS
It's called HTTP/2. Before some smarty-pants corrects me I'd like to point out despite the spec there are reference browsers that will not support non-tls thereby HTTP/2 is de facto always-on HTTPS.
Job done.
What's Meg Whitman fussing over: The fate of HP ... or the font on a DISRUPTIVE new logo?
Microsoft's top legal eagle: US cannot ignore foreign privacy laws
Sunday 12th April 2015 21:38 GMT
Re: turn it round ...
Nice angry rant.
Political/legal case for invading Iraq wasn't based solely on one specific document. Either way Kelly had already spilled his guts as you are perfectly aware.
Using a lot of "don't know what you're talking about" for somebody making claims on the legality of something which hasn't even been challenged anywhere. If the govt is going to bump people off for leaking things even of minor value Snowden, Greenwald, Assange and many other people (earlier example from before Kelly so we can't pretend it's stopped now: David Shayler) would be dead. These people are extremely easy to get at. The stuff Kelly talked about isn't worth killing him over, anybody arguing it is.. well, they're remarkably naive. It wasn't even the government's entire case for the invasion of Iraq, but on the offchance (again, hypothetically) it was, it doesn't mean it's some sort of threat to government, in fact it didn't even cause Tony Blair personal embarrassment - he won a third term 2 years later.
As for making a case against Russia, the case makes itself. They put people they don't like in jail, often they kill them, the end. Don't ask me ask Amnesty.
Because you're personally angry doesn't actually make anything you say objectively true. I'm quite aware of who David Kelly was - I'm pointing out that he wasn't nor could be any sort of legal or existential threat to the government of the time. Nothing about what he said or could have known at the time has been that because much more than what he knew then has come out. Or put another way; killing him would be a huge waste of time. Everything he knew was his opinion of a) Iraq and b) The Dossier - and any 3 year old could frame it that way. Shit - I just did.
Sunday 12th April 2015 11:11 GMT
Re: turn it round ...
The idea that Kelly was murdered is frankly pretty absurd. Here's a guy with very loose connections to the Iraq thing with no real voice (literally) - who didn't like being force-fed into the limelight. If the assumption is the government goes around arbitrarily killing people who simply criticise it and share not secrets about anything they have bigger fish to fry.
There's been an absurd waste of taxpayer funds over the whole affair; not for nothing but even on the chance it was true and not completely absurd - at least they're not using the assassination of one political adversary to frame more political adversaries and even if they were the questions are at least being asked - again, unlike in Russia.
Sunday 12th April 2015 01:19 GMT
Re: turn it round ...
Says the great expert on those two countries.
They can't even frame people for assassinating Putin's political adversaries right. You don't need to be an expert to see Russia's entire legal system is top-to-bottom batshit. A lot of western countries have problems, some of them fairly serious - but nothing on that scale.
Friday 10th April 2015 17:30 GMT
Re: turn it round ...
You're not turning around properly. There's no rule of law in China or Russia, you have to suggest somewhere with a functioning legal system else it looks a bit batshit - Russian company would just hand over the data for fear of being Putin's next target, there'd be no discussion over it.
China weaponizes its Great Firewall into the GREAT FIRE CANNON, menaces entire globe
Sunday 12th April 2015 01:06 GMT
Re: So, what now?
What next, do we need anti-malware in our web browsers now?
HTTP/2? Don't bitch about the always-on crypto and we'll be fine. Call your elected representation and try to get them to push BCP-38 or similar as a chunk of extraterritorial law (this is gonna work best if you're in the US).
We need to detect such traffic & send it back to the website of the ministry that runs the great firewall
a) Github figured it out pretty because they started injecting their own JS into pages as I recall.
b) I prefer redirecting people to meatspin (pls don't google that if you don't know what it is) who are up to shady stuff on my servers, more effective than taking down some Chinese propaganda BS.
Edit: derp, merge..
Sunday 12th April 2015 01:04 GMT
Has there actually been any "formal declaration of war" since 1939?
Probably not, lost art of calligraphy and whatnot. How does one even define a declaration of war? Missiles shot out of SSBNs is the standard clue these days - why would you give your enemy a chance to set up defences, move forces, shred documents, hide in a cave and whatnot?
There's at least 3 wars going on between major/superpowers right now today, just because they haven't been declared doesn't mean there isn't war.
Snowden didn't scare many out of US clouds says Forrester
Thursday 9th April 2015 15:27 GMT
Re: too much churn yet
The OS needs to access the data. The OS can't run encrypted operations through the CPU. If somebody is ordered to give say, hypothetically, the NSA (and this is what we're really talking about here) physical access to the HV or frankly, just any sort of access - there's zero things stopping them injecting processes directly into the memory of the VM and stripping data out.
Any security relationships between you, the VM and the keys are irrelevant in that case. And as I said that sort of level of "compromise" is what concerns people when you talk about handing data over to Microsoft. It won't stop it so it won't affect the thinking.
It might be useful purely for storage of data but it's useless when you're talking about doing things with data which is what most people are using cloudy server hosting for in the first place.
Wednesday 8th April 2015 16:54 GMT
Re: too much churn yet
I would hope quite a lot of security, auditing and alerting.
Not if the owner is allowing it based on a court order. Which is the point - that crypto is supposed to be there to stop you worrying about such things and tempt you to buy Azure CPU time, it's a chocolate teapot in reality.
However if they went to those sort of lengths then they might as well just hack your office PC as probably a much simpler way of getting at the data...
No because it's actually useful if you control the physical access to the system. You'd hardware crypt the HV and restrict access and it'd do things.. Though obviously if the thing itself is compromised remotely yes you're screwed, but it's not as easy. Physical access is king in tech security though.
Also it aint that difficult.
Thursday 2nd April 2015 08:05 GMT
Re: too much churn yet
8% is the final number of these and those - it's still a pretty significant figure. Doing it as a UK business isn't majorly useful though.
I imagine most people concerned by it realise that the spooks have their grubby mitts into everything so the question becomes "but where do you go?".
Google sticks anti-SQL injection vaccine into MySQL MariaDB fork
Bored with Blighty? Relocation lessons for the data centre jetset
Wednesday 8th April 2015 17:42 GMT
Uhm.. Nonsense
Power provision is archaic, too: spikes and drops are common, particularly during major events like the Olympics and the Golden Jubilee.
Really now? When, where, how long? Where's the data? The UK's power grid is generally considered world-beating. The whole nuclear replacement issue is a joke and the renewables future strike prices are utterly absurd - but generally speaking it's rock solid. I can tell you the stories of the guys I know who work in a New York data center who were hit by a huricane - basement was under water, gens were literally on fire and they couldn't get fuel in and the connectivity was sporadic. I have a photo from their Chicago office's whiteboard where they used Zots (the Sim City graphics) to explain the situation. This has never ever happened in London.
Transport is another issue, with data centre operator Interxion installing sleeping pods on the co-location floor during London 2012 to provide staff availability and ensure travel disruption didn't translate into service distruption for its customers.
Transport in London isn't any sort of issue. The Olympic thing never materialised, those of us who live in London will tell you there were way less people than normal and in any event there's generally multiple ways to get to things. Nobody actually builds DCs right in the centre of London and there's plenty of cheap land around and dark fibre and it's not too expensive to have your own cable runs put in.
The fact that London is a major DC hub is the clue that the argument is nonsense. London has it's issues but it's generally a safe place to be and even major events like riots and Olympics (which are one in 50 year events anyway) haven't managed to cause any major disruption. Even when London has been hit by terrorists things have got back to normal PDQ.
A MILLION Chrome users' data was sent to ONE dodgy IP address
Wednesday 8th April 2015 17:11 GMT
Discovered
This extension's don't give a shit attitude to privacy and malware has been known about for well over a year. Interesting they claimed they'd discovered it :p
Nuclear waste spill: How a pro-organic push sparked $240m blunder
Wednesday 1st April 2015 16:08 GMT
Re: Organic cat litter
that the desiccants in cat latter are bad for both your cat and you
That and it all contains silicon dioxide which as well as being carcinogenic (i.e. it causes cancer) it's generally pretty nasty for your lungs (silicosis). Might not be too bad for crazy cat lady but it's potentially pretty nasty for the people who have to work with it (occupationally, as in, make it), I did once have to work with it in it's pure form and you have to take a lot of precautions.
Wednesday 1st April 2015 16:03 GMT
Re: Fast Integral Reactor.
Moon/Sun. Never sure if people are seriously when they suggest stuff like this but on the offchance I always like to point out what happens when rockets go bang in the atmosphere. Doubt many Floridians would like highly reactive waste raining doing on their houses and half the Atlantic coast.
Also deep borehole disposal is the only way forwards.
Halifax's '24/7' online banking service is down YET AGAIN
Wednesday 1st April 2015 15:47 GMT
Might have something...
.. to do with their idiotic SSL/TLS config. Just guessing.
A Quid A Day for NOSH? Luxury!
Ford: Our latest car gizmo will CHOKE OFF your FUEL if you're speeding
Wednesday 25th March 2015 16:41 GMT
Just Dangerous...
No way to safely overtake, accidents caused, the end. Good job you can turn it off because nobody who doesn't want to die overtaking some tard in his caravan doing 52 in a 60 on a single lane road causing a mile-long tailback will want this. Surprised the IAM/RAC/AA et al have nothing to say about this. Also it's well known car speedos are clocked to make you think you're going faster than you really are, as proven by anybody with GPS.
Woman caught on CCTV performing drunken BJ blew right to privacy
Friday 20th March 2015 19:50 GMT
Right to privacy..
Whilst there's technically no right to privacy in a public space, using the video for commercial gain without permission from the "subject" of the video brings up all sorts of sideways legal issues probably not covered by OFCOM that could end up in civil court. Complaining to OFCOM isn't really going to get you anywhere in this case.
Also don't suck people off in front of CCTV, don't get that drunk..
Massive DDoS racks up $30,000-a-day Amazon bill for China activists
Leaked Windows 10 build hints at peer-to-peer patching
Monday 16th March 2015 19:49 GMT
Re: Update Security
Random chinese kid who downloads dodgy apps not knowing that they are actually targeting his peer to peer protocol won't be secure on any real set of measure to a multi billion dollar enterprise like M$
In the occasion that you are pushing viruses, all other users will get a piece or pieces of junk that doesn't fit with the rest of the update. The protocol itself will discard those pieces because they're nonsense, ignoring signing and overall file hashing.
I don't think Microsoft is planning on letting users push their own files to other users for other users to update with. Somebody trying to mess with the process is irrelevant as long as Microsoft isn't losing private keys they use to sign updates and also that they're still in control of the list of updates. Three things have to go very wrong all at the same time for it to be a security hazard and they're no easier than the things that have to go wrong with getting updates directly from MS.
Thinking about this a bit more - if somebody installs a root cert and screws with your dns it's actually easier to mess with than if you're getting updates from "foreign" sources because there's nothing in HTTP to defeat this, whereas in torrent-alike protocols there is; pieces are individually hashed - nonsense data won't passively migrate through a swarm.
Monday 16th March 2015 01:10 GMT
Update Security
What is it makes you think Microsoft's (or Apple's, Debian's or BSD's) update servers can't be compromised? This is why we have package signing in all it's guises.
Updating from some random Chinese user's PC shouldn't - in theory - be more dangerous than getting them from Microsoft directly.
There's ethical issues but that's the start and finish of it. Can we find grip?
The voters hate Google. Heeeeyyyy... how about a 'Google Tax'?
Wednesday 11th March 2015 13:31 GMT
EU Tax Law
"Quite apart from anything else, we're governed, within the EU, by EU tax law"
Whist this is technically true states can in fact create their own taxes and set their own rates.
Actually as it happens if you start from the position of it's workable and it'll be enforced (and I realise that's a huge ask with the HMRC) it actually makes a fair bit of sense.
Ban Minecraft? That's jive, Turkey!
Bulk comms spying is not mission creep, insists UK foreign sec
Tuesday 10th March 2015 14:07 GMT
Is...
Trying to bring down a completely lawful public company from an allied state mission creep (last I checked we signed the Maastricht Treaty - by any basic EU legal standard we're actually attacking ourselves; and our own economic well-being in this particular case). Is stalking - and one imagines compromising the security of - employees of completely legal businesses mission creep?
Yes, no?
VMware sued, accused of ripping off Linux kernel source code
Tuesday 10th March 2015 03:16 GMT
Re: Case..
I appreciate the need for semantic accuracy on this topic, but my use of "entire codebase" here was intended to mean "the entire codebase (of everything that is linked to the GPL code)"
Is that the sound of all GNU/Linux's corporate benefactors/sponsors/commiters running away screaming that I can hear? Yep, that's what that'll be.
You use some GPL code that *links* non-statically to some GPLv2 code thereby all that code must be also GPLv2, and not only that - you must share it. That one must have them rolling in the aisles at OSS-Lawyer Con.
Monday 9th March 2015 00:13 GMT
Re: Case..
if you include GPL source code in your work then your entire codebase becomes subject to the GPL
No, it really doesn't.
Loving the downvotes, you're all confusing Stallman's "spirit" of the document with legal reality. If you want to donate feel free to go nuts, if they win it'll change the legal status quo. The entire GPLv3 exists is because v2 doesn't do what you think it does, and the entire reason not many projects (including the Linux kernel) don't use v3 is because nobody who is for all OSS, all the time, likes it - because it makes it extremely difficult for business to use OSS code and that doesn't help anybody.
Friday 6th March 2015 09:18 GMT
Re: Case..
He's trolling. If he had something real to say, he would say it instead of just making vague,meaningless allusions
GPL is a source code license, VMWare (by the entire case's main objective) isn't redistributing source, they're distributing binaries - things like copyright come into play in those cases - not source code licenses. As somebody who regularly licenses stuff under BSD and GPLv2 from my perspective it's fairly nonsense. If VMWare can prove some sort of linkage to the original (kernel) source the entire case goes out the window - which is precisely why they're pan-handling rather than trying to get fast injunctive relief.
I said good luck the case doesn't pass the laugh test based both on reality and that I'm going to assume VMWare's lawyers are smarter than all of us.
It's been tested in court and proven valid in the past. Just ask Cisco.
In a US court - and they were sued over API copyright. The EU and the ECJ have been repeatedly clear that API copyrights block innovation and are not enforceable, even though it doesn't apply in this case.
FREAKing hell: ALL Windows versions vulnerable to SSL snoop
Friday 6th March 2015 09:15 GMT
Re: >BTW, why is Firefox the only major browser not affected?
This makes FF unsuitable for a small number of specialised web sites
There's no *reasonably* modern crypto stack (written within like the last 15 years) that requires that these cipher suites are used. Servers don't need to support them, the end. No ifs, no buts as DC would say.
Storm in a K-Cup: My SHAME over the eco-monster I created, says coffee pod inventor
UK spaceport, phase two: Now where do we PUT the bleeding thing?
Thursday 5th March 2015 12:39 GMT
Re: Manston ticks all boxes
Because the overshoot is basically.. well it is.. Ramsgate. That's probably why to both of the above. You'd have to pick up the runway and drop it down 300 meters west before it starts making any sense for anything aviation related.
Even if there weren't good safety reasons people living there probably wouldn't be pleased about either spaceplanes or 747's taking off/landing there en masse and we'd be all about the judicial reviews for 20 years and further away from where runways are needed. And we'd still need a hub airport with > 4 runways.
Biting the hand that feeds IT
