2720 posts • joined 19 Dec 2010
"Encryption provides confidentiality, quite simply because instead of sending a plain-text DNS request over UDP, RFC 8484 sends it over HTTPS, secured by Transport Layer Security (TLS)."
I don't quite see the added value.
See; if you really want to make sure that your web presence gets hidden then the best way to do so is using a VPN, which means that all traffic (http, dns, irc, etc.) gets routed across the VPN thus making it much less likely to trace it back to you.
Although I definitely see that this system could help with hiding regular DNS requests it also has the potential to over-complicate the system. I also can't help but wonder if there won't be a price tag attached to such a system, which is somewhat common for other forms of public key encryption.
It's an interesting idea for sure, but I think it could easily turn into a problem when companies such as Google start trying to enforce its usage, like they're somewhat doing with HTTPS right now.
Apart from the previous comments about Assange not being detained in any way have you already forgotten how all of this started? Assange, basically a controversial guest of Ecuador, already has a history of plain out insulting the Ecuadorian president over political issues by calling him out on Twitter, as if they were discussing topics on the same level. I have the utmost respect for Wikileaks and what they tried to achieve (I still do) but having said that: how arrogant do you have to be to pull off that kind of a stunt?
I'm not saying that Assange should agree or bow down to whatever political statements (or opinions) Ecuador has, but at the very least have the decency and show some respect for their believes, even if you don't agree with them at all.
If that small feat is too much to ask then I really cannot blame Ecuador at all for putting up these restrictions. Honestly? I would have expected Assange to help out in the embassy as best as he could, including cleaning up. Even if it is a toilet every once in a while (most of us do that at home as well, so.. why not?). The more you read and hear about this whole thing the more does it look as if he's just sitting (or lying) on the couch all day basically usurping hospitality. I'm not impressed with that, not at all.
One thing I don't get though...
So his phone number got swapped and that was used for the hack. But that leaves me with one very important question, based on this quote:
"Once an attacker has access to their mobile phone, they are able to use it to provide the secondary identification that many online services now require before making significant changes."
So why is that the hackers apparently managed to bypass the primary identification quite easily? Isn't that part of the protection scheme the full responsibility of the owner himself?
When people will stop to blindly invest in good looking, yet unfounded, promises on crowd funding websites. Because from my point of view the projects which actually delivered on their promises are quite in the minority.
That's not really coming back...
For a moment I was hoping that they'd launch a whole new product line, and thus would be somewhat competing against Android. Wishful thinking, sure, but running on top of Android is not something I'd describe as "coming back", it's not as in the old days where you could chose between a Palm or iPaq for example.
With all due respect for Android but I really think it could use a bit more competition than it has now (which is basically none at all anymore).
"Google should reduce the 30% Google tax"
Why? Apparently it works for them and brings in money, so it probably won't be in their best interest.
And another thing, which I think is important to keep in mind, is that Android actually provides the feature to provide software outside of the Google store. No matter what you may think about Google I think this aspect deserves respect. It's obvious that, even though there are major advantages, Google isn't forcing anyone to use their store and that... deserves respect I think.
What about that Wi-Fi part?
"The $120 Wi-Fi-connected Bitfi wallet is a hardware device that stores your crypto-coins and assets, and requires a passphrase to access these goodies."
If it connects to a wifi access point then that too can be a massive flaw in the design. What if the wifi access point was intercepted and you start feeding the device nonsense data? Or, even better, compromised data such as false DNS records in order to make it access your own networks?
And what if it's the other way around?
I can't help wonder what would happen if reports were to leak out that the Russian government has put a ban on certain US IT products because of the risk that the FBI has been adding backdoors.
If this were to happen I wouldn't be surprised if several US companies, or even the US government itself, would try to sue or slander Russia for spreading lies and for discrediting US companies. Because... only Russia and China can be the bad guys I suppose?
It's the easy way out...
This is not for the greater good or anything: this is only to make things easier on the government and those forces which should enforce our laws and deal with any misdoings. And even though I seriously dislike social media myself I really hope they won't cave into this nonsense.
Because lets ask ourselves this simple question: what about the people who committed the 'crime' in the first place? Wouldn't it make more sense to hold them accountable for their own actions? Isn't the whole "enforce the law" concept also driven by trying to educate the offenders in hopes that they'll change their ways? OR... is this secretly really about trying to cash in as much fines as possible?
Thing is: I see parallels with some Dutch laws, though unrelated. Here in Holland it's illegal for a minor to purchase (!) or own alcohol. And it's also illegal for a shop to sell such substances to a minor, this law was added at a later time. Yet as a result law enforcement is currently more busy with trying to catch shops from doing wrong (even while getting minors to perform a felony in trying to buy alcohol...which is illegal in Holland because the police are not allowed to stage stuff like that).
So here's the result: when a minor is caught to have bought alcohol illegally then in most cases it's the shop who will be fined while the minor is usually left alone. What signal does that sent out exactly?
In my opinion this is no different. Because it's a lot of effort to try and chase down the offenders they're just going to target the messengers because that's a whole lot easier. Whatever happened to holding someone accountable for their own actions?
Hey you smart, well-paid devs. Stop clicking on those phishing links and bringing in malware muck on your shoes
Sysadmins + Devs = possibility for the perfect mixture
I probably have a very simplistic look on things but at the same time several of my methods often gave me good results. And my idea is very simple: sysadmins and devs. should be more trusty of each other and stop bickering over alleged pissing contests.
Now, sure: one size doesn't fit all, and I realize that, but sometimes when sysadmins suggest that devs. use a more private network and don't get to browse the Net while they're working then it's not always because we want to throw some weight around: the idea is to help and keep things safe and secure.
Of course the downside to all that is that some developers need public access. Sometimes problems can be solved by looking at examples of other ideas or similar situations, and those concerns should be addressed as well.
Yet unfortunately I've experienced too many situations where both parties weren't willing to meet somewhere in the middle (or maybe they were incapable? Sometimes it feels like you're dealing with children). And sometimes... people tend to forget that in the end we're all working for the same team.
That Internet access? Could also be passed through a secured proxy filtering server which checks all data and locks down at the slightest sign of trouble. No, you're not being monitored and filtered "because".
But as long as you can't break through that culture which apparently dictates that both devs and admins "know best" then I don't think you're going to change much anytime soon.
Well, fortunately (and somewhat surprising) Microsoft isn't forcing it on us this time. Which is actually somewhat of a surprise for me because I know how much they apparently enjoy to take color away from stuff which work(ed). (here's looking at you Visual Studio!).
"The other issue is that it becomes possible to maliciously lock someone else's account out."
Good argument however... who says anything about the lockout having to be permanent? From a technical context it should be pretty easy to set up a system where lockout durations are set based on the time of day.
So during moments when the users are normally on-site you can set the lockout threshold a bit lower than if people are working from outside the office. Even then you could apply some flexibility; 3 times wrong and you're locked out for an hour. After that hour another 3 times would result in a permanent lockout.
There's no "one size fits all" here, but flexibility should definitely help to make this easier on the users.
Why do we need those dumb CA's anyway? Heck: why do we need to pay for all this?
Why can't I have a DNS record which shares my public key and which is used to encrypt and verify my website running on the same domain? How direct can it get? In order to abuse this you'd need to have access to both the domain registration and the physical website.
Best of all: this would also allow average Joe to use his own set of keys because the only important link is between DNS security record and the website itself.
No: SSL isn't free for everyone. Not everyone has the know how about the underlying mechanic and all which Googles narcissistic policy does is provide a platform for some hosting providers to generate even more revenue. While the alleged "enhanced security" is seriously disputable.
So your vacuum cleaner is spying on you? Well, that sucks :P
It's a sad story actually...
"It's not surprising that Microsoft wants to have its cake and eat – it always has."
In my opinion Microsoft is capable of doing some great things. I know there's sometimes also a bit of controversy involved but even so, some of their work was pretty slick. For example I still enjoy the new ribbon interface, and not just that: it has also been adapted by some of my other favorite software products (Visual Paradigm in particular; this is an UML modeling / IT design tool) and I honestly prefer the ribbon over the classic icon toolbars.
Then I also think that Microsoft can also sell this product decently well. I still remember that classic OneNote commercial which I think was pretty funny (guy does shopping while using OneNote to maintain his grocery list and all sorts of stuff gets added (candy canes!!), then it finally hit him: his kids are messing around ;)).
The main problem though is that Microsoft somehow can't make a decently appealing starting consumer product and / or environment. There's always something wrong. Take the very first Windows Phone: it didn't have a todo and you couldn't even sync anything with your desktop. To add insult to injury geeks such as myself couldn't even mess with their own phones, only after paying Microsoft $100 for that privilege. It's really strange how that never really took off....
Now, they also know how to turn it around eventually. Many of their products started out in a horrendous way but ended up as small pearls (in my opinion anyway). Expression Web for example (web editor tool) was pretty much a disaster at first: not very stable, quirky interface, etc. But in the end it was really quite good. I even bought a license a few months before it was discontinued and made available free of charge, and I never regretted that because I honestly believed it was well worth the money.
The problem: a bad start gains you bad publicity and bad experiences. And once people jump off your bandwagon then good luck trying to win them back again. That is in my opinion Microsoft's biggest undoing.
If you want to gather a serious fanbase you should work *with* your customers, not make it seem as if you're working actively against them (anyone remember Visual Studio? "Now, without ANY distracting colors", it was a plain out disaster). I've chatted with many veteran Visual Studio users who even went further than my dislike (I eventually enjoyed VS 2012, I still use it today) and didn't even bother with that: they stuck on 2010 because that did what they wanted, and even had a good color scheme.
As said: I honestly believe that Microsoft has the potential it needs to make this work. But they seem so caught up in their own twisted ideas of "change is good, change sells, we need change" and without ever bothering to think about what the consumer might think.... That is just a recipe for disaster.
And I think it's a sad story because Microsoft could be a lot better and more respected than they are now.
British Airways' latest Total Inability To Support Upwardness of Planes* caused by Amadeus system outage
Why? Money of course!
It'll cost much more to maintain such a fallback system 24/7 than it is to deal with a hiccup like this, especially if you can sweet talk your way out of it with your contractor. It sounds bizarre but dozens of companies honestly follow this or similar strategies.
Not even on/off switches?
I mean: there seem to be quite a few "IT professionals" out there who apparently could really use an extra on/off switch for controlling public sharing of AWS buckets.
Not just that, this also assumes that their e-mail wouldn't end up somewhere in a spamfilter, something I'd consider very likely.
Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help
Shooting the messengers much?
So everyone else is to blame except those who wrote those e-mails, used the public channels for it and were basically caught off guard.
See... if I share false threats or accusations through e-mail and those leak and the audience gets seriously upset by that: who is to blame? Me for outing that shit in the first place or the hacker who exposed me?
Note: these were semi-public e-mail channels. Why do you think the US has such problems with politicians using public services (or semi-public phones) to sent political data (something many democrats easily ignored I might add, it wouldn't be the first time we read about official warnings). You reap what you sow in my opinion.
Also: how does one "affect" an election?
How gullible do you have to be if you let random posts on the Internet affect your decision on who to vote for? That is the one thing I simply cannot comprehend. Sure: I can understand that some people allow for this, each to their own, but how gullible do you have to be... But if you are that gullible then this also leads me to another question: if people really are this gullible that they'd change their mind based on a random post on the Internet then what are the chances that they didn't simply change their mind from going to the bathroom? You know... the "let's shit on the politicians" kind of idea and suddenly do a 180 degrees turn.
If people are such huge flipflops... then why does it have to be the Russians? For all I know it could be a good looking girl or a guy campaigning which then changed their minds.
Say; what about that phone Hillary used to share political data with? Did that got hacked too? Gee, I wonder how that could have happened. If she set the example that "do whatever you like" then.. yah.. sorry, they had their warnings.
Still the same strategy then?
"Azure Dev Spaces is one of those technologies that looks great in demonstrations, but can end up being infuriating when introduced to real life."
With all due respect for Microsoft (seriously) I can't help but comment that a lot of their software and services have been following this strategy as you describe it here. And I think it's said that Microsoft still doesn't seem to learn or acknowledge those simple facts.
For example? Simple: PowerShell (vaguely related). At one time they had this awesome idea: force every PowerShell user into using a localized documentation system which would provide people with help in their own language. Sounds great in theory, but what if you don't want localized help and would rather stick with the default English versions? Or what if the help in your native language isn't available? Well: then you're out of luck (but you can "fix" it with a bit of hacking).
Microsoft still needs to pay much more attention to the things which the customers need and want I think.
Well, I knew it was going to happen eventually, which is why I'm still happily using Office 2010, including a fully working desktop version of OneNote where I can choose to share some notebooks within the cloud (and accessible from my phone). But most of my stuff is stored locally, with an automated backup on my local server.
I peeked at a more modern version once but I really don't get the feeling that I'm missing out. My interface doesn't look flat and boring, I'm not fully tied into the cloud and most importantly: "It just works".
"What are the goals here: subscriptions?"
An easier way of generating revenue would be my guess.
You see quite a few software companies suddenly also providing subscription models, and it makes (some) sense from a business perspective. The only problem is that customers are usually not really getting their moneys worth.
So then people rely even more on the system, what if it fails?
Odd article. So instead of educating the people who handle all this information in order to ensure that they know that this should be properly handled the preference is to automate the whole thing?
Sounds nice in theory but what's going to happen if people then start blindly trusting the system? Maybe right up to a point where it becomes obvious that something isn't right but because the system never warned them they continue with whatever it is they're doing anyway.
Algorithms are the spawn of evil
A silly mistake, but showcase of a much more darker and intrusive problem: the growing dependency on algorithms. And that doesn't bode well for us. Because once "the system" has made up its mind, good luck trying to convince it otherwise. Especially when you have to deal with mindless drones such as public servants.
You can see examples of these all around us. If you look close enough. A prisoner in the US had really come around and followed a role model. He applied for parole but was denied because he was deemed to be a danger for society. Eventually he got a lawyer to appeal, it came before a judge and the system turned out to be wrong. He got his parole. And the reason for this initial denial? His crimes fit the profile and so did his behavior so he was denied. Even though he was still an model prisoner.
A small, maybe meaningless looking, example but it does showcase a growing, much bigger, issue.
And so Google helps making the web more INsecure
I've said it many times: this is the most dumbest thing they've done in a while. I'm still visiting tons of websites which don't use HTTPS and where there's totally no need at all.
And I'm pretty sure that I know what'll happen next:
"How do I get rid of all those annoying warnings?"
"I know! start your Chrome with -ignore-certificate-errors, that should do it"
And I'm sure many will follow up. The only problem of course is that this disables every warning. I'm aware of quite a few people already frequently using this because they want to access a website with an expired certificate, and Chrome doesn't let them. Even though there's absolutely no risk; expired or not, the certificate will still be used for encryption. There is no security problem, only a monetary problem. But yeah, that's what they're counting on!
Idiocy like this will only make things less secure because people will start ignoring warnings much more often.
What gender gap though?
Some people keep yapping about the gender gap but every article always starts with the disclaimer that this doesn't focus on men and women performing the same job. Obviously because in that case men and women should earn the same, governed by law.
So I keep wondering: what is the problem that men and women earn different salaries when they perform different jobs? Because that is the only underlying reason for this so called "gap".
See, my problem with all this is that the drive behind it is supposedly about equality. So why is it never a problem when, according to these studies of course, women suddenly earn more than men? When that happens there's nothing wrong, yet isn't that simply a display of hypocrisy? Equality should be absolute: it should cover both ends of the spectrum and not simply favor only one end of it.
... that is, if you truly pursue equality of course. And I have some serious doubts about that part.
It could be GDRP related...
No, not in the sense that Europe dictates all this of course. That's nonsense.
But there is a huge problem, and the same happened with the cookie law: not everyone fully understands what they are supposed to do and many will therefor take the safest route out. Sometimes even if this turns into totally ridiculous situations where everyone could see that the whole thing isn't related.
Example? Right now you're pretty much greeted with a warning about cookies for each and every website you visit. Even if all they do is use those cookies to run a forum. Guess what? The cookie law provides in that and you do not have to warn your users about those. It's only about the inter-site tracking cookies which can actually follow users in such a way where another site can obtain useful information from them. So: real data sharing.
But if your website sets a cookie "ls=xx" which, for example, means "login session: x, succeeded. x, needs to sustain" then no one would be the wiser so you wouldn't have to ask for permission.
However, and fully understandable, most don't take chances and therefor ask for the use for cookies either way. It's also easy because most fora and CMS software supports this out of the box.
I foresee the same thing with GDPR. Companies who are misinformed and who will end up doing completely weird stuff because they'll refuse to handle some personal data and blame (either correctly or not) the GDPR. You can already see some of this happening where US websites now block people from Europe so that they don't have to deal with any of this. No EU visitors, no risk of GDRP violations.
"I call BS, there's not a developer alive who doesn't think he can do a sysadmin's job better."
In my opinion that would depend more on the sysadmin than the developer(s). Most developers I came across with started complaining when they couldn't do their job properly. And why wouldn't they complain because in many cases they're the actual heart of the organization which keeps the whole thing running (especially if you're selling software products).
I've worked on both sides of the spectrum (though I'm not a professional developer, as in: never took on a full time job as developer) and in my opinion it's mostly certain sysadmins who come over as sort of arrogant because they know how to keep the company safe. And if you then keep in mind that "keeping safe" usually boils down to "limiting users" you got yourself a dilemma.
Of course in many cases those sysadmins weren't really arrogant at all, but the way they expressed themselves... ye gods. And there lies your problem in the making because action = reaction.
No thanks El Reg!
Now I'm stuck with that song in my head all day! :P
At least it's now for a good cause, that's a pro...
o/~ Never gonna git you up, never gonna push you down, never gonna clone around and fork you o/~
A typically political decision...
"EURid claims that the forced deletion of existing domains is needed in order to protect users against what are called "homograph attacks" where domain names are registered with non-Latin scripts to make them look like all-Latin domains e.g. a Cyrillic "a" is used in place of a Latin "a" to make people think they are on the website of, say, "apple.com.""
What is the amount of EU domains which actually try doing this? And also: how does that amount compare to the full extend of EU domains?
It's a very typical way in which modern politicians react: don't hold the offenders accountable for their own actions. Nah, just try to forbid the whole thing and be sure to demand heavy fines if people don't comply. Whatever happened to the democratic notion of innocence until proven guilty?
I see a very dangerous trend happening because the only reason a ruling like this gets pushed is because it's easier on the politicians, not because it's the best they can do. And worse: many innocent individuals get to suffer from this because... reasons.
Another issue is that there's no need anymore. Modern browsers have already adapted so that they'll display those characters for what they are, you won't see "apple" anymore. That was pretty much a unanimous decision, so once again the politicians are acting after the facts.
And is it just me or is it plain out arrogant (and bizarre) not allowing people outside of the EU to register and host a .eu domain? I mean.. I live in Holland and I can easily get a .de domain, or a .jp domain and even a .us domain if I want to. Where's the problem with that?
"Call me cynical, but there is no way this was not visible at the point when the IPO was done."
Sure it is. All it takes is one data analyst to hit 'delete' on his precious BPMN chart and the enterprise will never be the wiser.
Now, I'm somewhat joking here but on the other hand I'm also not. I've had a few experiences as "junior data analyst" where I was honestly astonished at the seemingly sheer display of ignorance of upper management regarding their own company. Sure; they hired beancounters for a reason, I'm well aware, but surely you don't need a data analyst to tell you what is going on in your own company?
With that experience in mind (even though it could be flawed one of course) I don't think it's fully impossible for higher staff not to know.
Data protection business can't protect its own data
Way to go!
In all fairness though: I do agree that it is getting harder and harder to perform for businesses these days. At least that's my perception of it.
On one hand you get new workers who feel they know everything because they studied and if you tell them that they actually know jack shit you're getting borderline close to facing a trial for harassment because how dare you.
Then at the other end of the spectrum we often have governments who try to protect the rights of the employee's and sometimes that can outweigh that of an employer. This is definitely an issue in Europe where firing someone can actually backfire on you. Even if you can well establish that the individual is hurting your business.
That fluke mentioned here would definitely be reason for dismissal for me, but I guess that's not how it works anymore.
Such hard times we live in...
Where you're actually expected to know how to set up the product you're working with and even worse: you also need to know how this product works. Because if you go in without any relevant knowledge then you can actually make horrid mistakes which could compromise security.
But how is this Jolokia's or Java's fault? I mean, anyone who knows their basics about Java management will know about MBeans. So if you're then working with something relying on MBeans, yeah... is it really that hard to add one and one up?
In my opinion this is telling us more about the shallow environment which is generally uphold within IT rather than this software product. Because like I said... how dare they expect that people actually learn their trades..
Reminds me of that "skilled" admin team who apparently couldn't understand the difference between a public and private AWS bucket and as such dumped a majority of their private keys onto the Net. For all to see and download. And of course later on blaming AWS because...
"but any Americans who think that he is a traitor to the US are objectively morons. You can't commit treason against a country of which you have never been a citizen."
Not only that but what about the people involved in all the (often) illegal and usually questionable practices which got exposed?
That's the main part I never understood: if they had followed protocol, if they had stuck with the rules then they wouldn't have been exposed. And the worst part is that most of those are also getting away with all this. Because... reasons and the greater good I guess?
There's a reason why the saying "Don't shoot the messenger" exists. Not trying to imply that this also applies here of course, because messengers usually only deliver messages and don't rape or harass women.
And once again...
The EU causes more collateral damage than they probably anticipated. I'm actually hoping that this trend continues: be GDRP compliant and just lock out EU users, simple as that. Then you can continue with your business, no questions asked.
This reminds me of that brilliant cookie law which the EU just had to push through. And as a result nothing has changed. The only change is that they'll now nicely ask you up front: "Do you accept this cookie?", and if the answer is no you're blocked from the site. SO... no matter what kind of cookie: if you want to use the site you'll have to click yes. And continue clicking yes again and again and again and again for every website. Another one of those awesome EU ideas!
Now, don't get me wrong here. The motivation behind GDRP is a good one, securing user data. But I also think that, as usual within politics, they're not thinking things through.
I mean... if you ask a webmaster to remove your data and they say "Ok, done", without actually doing anything. Then what? Would you be the wiser? I doubt it. And even if you can proof this, then what? Call the cops? If you're dealing with a US company and then call the cops on them for an EU law infraction then I'm not too sure that they'll bother to help you. Why should they?
In the end this will be one of those brilliant ideas which will cause more harm than profit. Like the DCMA takedown requests: that also began as a good idea until people started abusing it left and right because... the consequences for false reports are practically zip as far as I know.
I fear that this won't be any different. As such: just block the EU and be done with it, easy :)
(for the record: I am from Europe myself, but not quite a fan of this GDRP intrusion).
We're forced to delete user data. Ok, got it.
But what about the data retention law, from that very same EU? Never heard of that? Easy: it basically forces companies to store and archive communications passing through their servers (such as e-mails) for up to 3 years. Wouldn't you say that this somehow contradicts with the GDRP? I mean, can it get any more personal than e-mails or forum messages?
And just so we're clear: the intent of the data retention law is that communications must be stored in such a way that the information can be used to fully trace the users origin. Which is exactly the opposite of GDRP which demands that data needs to be anonymized.
So what is it? You can't have it both ways, yet that's exactly what they're trying to do.
At least the money got spent on things which really mattered. For example, I can't help but think that this meeting got covered by the last bits of their financial assets, time is money afterall, so now the company has probably legitimately ran out of cash. And all those caterers need to get paid too you know; a business meeting without a business lunch is of course not a good meeting so their hands were obviously tied there.
Sometimes you wonder how some people still sleep at night. I mean, taking money from fans without delivering anything worth mentioning, sure way to up your reputation as being reliable. At least the underpants business strategy (UBS) paid off once again, and it's difficult to understand business model is pretty on-par with todays standards:
- Start an IndoGoGo project which features an appealing idea.
That's one heck of an UBS if I ever saw one. What an admirable effort, such hard work...
"As schemes have become more complex its often the case that you need a multi-skilled team - like it or not."
Or better engineers.
People like Einstein and Hawkings came up with the most brilliant of theories and statements and they mostly did all of that on their own.
Now, I'm not necessarily disagreeing. Heck, this even follows the Unix philosophy: perform a small task and do that to the best of your abilities. And this approach works excellent. But the reason why I still comment is because this "multi skilled" approach is often taken into ridiculous directions these days.
More than often the skill set isn't the most important anymore, it's how you present it. Who cares if one person shows you plain out facts. When he does so in a boring way then he's most likely to get surpassed by someone else who is better at presenting himself. Just too bad that he got all of his facts mixed up...
What good does this fine do?
Oh wow, the cops are fined 80,000 pounds, as if this will actually affect them...
I mean, basically the government is now handing out a fine to an institution which got paid with... government money (aka: the taxpayers money!) in the first place. Could someone please explain to me how exactly this is going to have an effect?
Even if this would go out of a police budget then the effect is obvious: the police won't be able to perform their full duties due to lack of resources. Ergo: the population (not the police force!) would suffer thanks to the moronic actions of one idiot who couldn't even be bothered to think about what he was going to do. An idiot which is obviously still working for the force, because those are the kinds the public servant system highly values: people who will carry out orders without questioning and too much thinking.
And if this doesn't come out of the budget... how is this going to help those victims?
All I'm seeing is one government agency demanding money from another, while that money was coughed up by the population in the first place through taxes. Those numbers sound real intimidating (wow, 80,000!), but that quickly ends if you actually stop to think about what is happening here.
Where does the money go to? The victims as some form of compensation? Oh, I don't think so. It goes straight into the government and after a few months when the heat has passed the force can file in a request for extra financial support and they'll obviously get it.
When being asked about the extra spending it's probably going to be: "We have to, because if we don't then the population are the ones to suffer here". Yah, right, but if you cared so much for the population then why imply the fine in the first place and why didn't you, for example, hold the idiot who did this accountable for his own actions?
Why not sent that officer on a 2 month forced leave without pay for example? That would actually set an example that if you mess up with the most vulnerable kinds of victims then you will have to pay for the consequences.
But nah, too much theory. Let's move 80,000 pounds around because that really sounds cool and then it's back to business as usual. And no one will have learned one single bit.
So it's true after all?
Embrace, extend and then delete, delete, delete!
Why don't we have a Cyberman or Dalek icon? :P
Why do I smell...
... a change merely because of the change?
I still prefer the classic "if it isn't broke, don't fix it!" motto myself. Just for the record: I actually enjoy the Ribbon Interface. But then again I also didn't upgrade Office after version 2010 :)
They learned from the best!
First it were non-existing weapons of mass destruction, and now it's "malicious software". Anything to blame it on the Russians. After all, they are the aggressive dominating power here. Just look at them being right at the European border!
... wait. Wasn't that border in East Germany several years back, with an historic Berlin wall separating the city? And isn't that border now almost located in the Ukraine? Almost literally at the Russian border itself?
Whatever happened to that treaty which got signed after World War II which prevented both the USSR and the EU from expanding their borders? So, like, who's the aggressor here? I have my own ideas about that.
Remember: warfare in this modern age isn't only playing out on a battlefield. Financial based warfare is a thing too these days. And the best part is that it's almost invisible for the common population.
What a world we live in <sigh>
"maybe I should sue google because someone may mistake someone with a different skin colour in a different country"
And what about the websites which actually published all that material?
That's the part I don't get: they want to sue Google over this,but all Google does is direct you to sites which actually published the material. So, uhm, don't shoot the messenger?
NASA owns the moon then? Sounds pretty arrogant to me.
When I bought my Windows 7 professional version it was said to be supported until 2020. So.. that also didn't happen anymore I guess? :)
OSS deserves everything coming to them!
I've read the blog post and it even started with "in my opinion...." yet OSS still tried to bully this guy into taking it down. They deserve everything coming to them in my opinion.
I also hope this whole case will backfire making more companies and people alike pull out of this mess called grsecurity. No, I'm not bashing. It's just logical reasoning: one of the pillar stones in computer and online security is transparency; sharing information. When a backdoor or vulnerability is found it's usually in the best people's interests to share that information so that others can prepare themselves for it.
So here we have a security company who tried to take down a blog post where someone merely shared their personal opinion. Making me wonder: what would happen if somewhat decided to share something they perceived to be facts about backdoors within the grsecurity project?
Do you really think that this company would allow for that to happen? If this is how they treat an opinionated blogger, then I think they'll treat a mid cart security source which posts controversial material about their project even worse.
And when a security firm tries to shut someone up I always have to wonder: how many more people did they try to hassle and what for?
Would you really put your trust into a dominating dictatorial bunch like that? I sure wouldn't!
Misrepresenting history much?
"The thing is, one way or another, stuff has to be paid for. Since this generation has decided not to pay for anything, least of all for factual information investigated by salaried journalists, advertising and sponsorship is all we have left."
Interesting theory but history has showed us something else.
In the beginning news companies decided to put parts of the paper online in order to lure people into reading it. The website itself was the advertisement and the goal was to get people to subscribe to the paper version. Then people decided that the limited online version was good enough for them because free yet limited news is cheaper than paid for full news.
But it was not "this generation that decided not to pay", it were the companies who decided to give away some of their stuff for free in hopes of luring people.
They should never have cried wolf
My personal issue with IPv6 is that it seeks to replace instead of co-exist and I believe that this is what makes the whole thing so hard. Because even if you use IPv6 you're still often depending on IPv4.
My ISP for example supports IPv6, I even have a public IPv6 address. Unfortunately the router only provides this on the outside, on the inside only IPv4 is provided. I once tried to set up the DHCPv6 server but to little avail. And that brings me back to my dilemma: all my internal stuff uses IPv4 so the moment I try to connect to the Internet the first thing it does is contacting an IPv4 gateway. So where's the benefit here?
But I really think that they shouldn't have played cry wolf for so many times. Several times did they share doom scenarios about IPv4 running out and the Internet coming to a grinding halt UNLESS we would embrace the savior that is IPv6. The Internet mostly ignored that and the grinding halt never happened. It doesn't matter if engineers worked hard to prevent that from happening, what matters here is public perception: a doom scenario was predicted, and it never happened.
Not once, not twice but at least four times of the past years. And that's a really sure way to lose credibility. Good luck trying to convince upper management that IPv6 is important: "But haven't we heard those stories all the time now? So why should we invest when everything works just fine?".