Posts by Steve Knox

1972 publicly visible posts • joined 16 Jul 2011

Google: OK world, make our 'End-to-End' crypto tool SPOOK PROOF

Steve Knox
Holmes

Re: Google, privacy

the assertion that Google is indeed not able to read the messages is unproven

Erm, yeah.

That's the whole reason they've released the source code: so that cryptoboffins can test the general form of that assertion (i.e., that any third party cannot read the message.)

In future, it might be a good idea to ensure you understand the premise of the article before you comment on it.

YOSEMITE GLAM: Apple unveils gussied up OS X

Steve Knox
Terminator

RotM?

"When you are working on your Mac, your de[v]ices around you in proximity are aware of each other and aware what you are up to."

So is Apple taking development cues from Google now?

Quantum teleportation gets reliable at Delft

Steve Knox

Re: Your missing the point.

Could you step off the teleport pad please, sir?

Do you realize how fast you were beaming back there?

Would you mind blowing into this, please?...

Snowden shoots back: 'So you DO have my emails, after all'

Steve Knox

Re: It is inconceivable they don't have his emails

No, it's not.

Many organizations in the US have retention schedules which require them to delete all but specific classes of emails after a short period of time (often less than a year). This is because in the US, if you have such a retention policy, you will not likely be required by a court to search back before that period in the case of litigation. If, on the other hand, you don't have such a retention schedule, or the other party to the litigation can show that you haven't been following it, you can be required to search all storage, and can even be found liable for things you did delete.

And that's for non-spy-type organizations. I would expect the NSA to have a very short retention schedule for their emails.

Steve Knox

Re: Edward Snowden isn't very good at logic (and neither is the NSA)

My reading of what was said is different.

NSA previously said that they had no record of Snowden raising concerns to them. Now they release an email that contradicts this assertion.

No, the email they released has nothing to do with the concerns he claims to have raised. They released the email as the sole piece of email from him that they claim to still have.

This is not unheard of.

Many organizations in the US permanently delete any email older than some certain term. This is because (at least in the US) unless you can show that you have and follow such a retention policy, you can be required to search all of your storage for emails relevant to litigation.

That there is a single email does not mean that there are necessarily any others. However, it does put into doubt the NSA's assertion that such emails don't exist.

Why? The email presented wasn't relevant to the conversation Snowden purported to have. If the content of the email that was released even touched on Snowden's concerns, you'd have a point. But instead, "[t]hat email contained a seemingly innocuous question about a legal matter and did not raise any specific objections to any NSA programs."

It's not really anything to do with logic.

Well, then, purple unicorns: I win!

It is a question of one man's assertion against a contrary assertion by the NSA. The question is one of trust. Do we take the word of Snowden against the word of the NSA?

There's a third option you're missing here, and that is that they're both trying to manipulate us. This is where logic is useful. We can analyze their statements (as I did) and determine if they are reasonable. In this case, both parties' statements are not rational, but as I showed, are clearly skewed to presume their side's version of events.

Given the choice of trusting Snowden or the NSA, I choose neither, because that's the logical choice.

Steve Knox
Facepalm

Edward Snowden isn't very good at logic (and neither is the NSA)

Edward Snowden says the US National Security Administration is lying when it says it has no record of his emails to supervisors raising concerns about NSA surveillance programs, and that the release of one of his emails on Thursday proves it.

Assertion [ES]: Edward Snowden did raise concerns about NSA surveillance via email, and the NSA has a record of it.

Assertion [NSA]: Edward Snowden did not raise concerns about NSA surveillance via email.

Evidence [ES]: -0-

Evidence [NSA]: A single email from Edward Snowden that is irrelevant to the discussion.

The existence of that single email has no bearing on the existence or non-existence of other emails.

In order to believe that the release of that one email proves that the NSA has the other emails, you must first believe that the other emails exist, which is assuming ES's premise to be true without evidence. This is begging the question, and is a logical fallacy.

In order to believe that the release of that one email proves that the NSA has no other Snowden emails, you must first believe that the NSA is a disinterested party. Since this is clearly false, this conclusion is also a logical fallacy.

Since logic skills are a requirement for Information Security, the one conclusion which can logically be drawn from this evidence is that both the NSA and Edward Snowden are incompetent.

TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead

Steve Knox

Re: Whoa there

Erm.

No one's arguing that XP is still around in lots of places. But since it is not being officially supported anymore, XP cannot be considered safe to use. There may be (read: probably are) already exploits against it in the wild.

And if your OS is pwned, it doesn't matter what encryption software you use.

Fair point about the lack of BitLocker in some editions (read: almost every pre-installed consumer edition) of Windows 7 (and 8), though.

MH370 'pings' dismissed as false positives

Steve Knox

Re: unlikely

Yes. The whole thing is massively so unlikely as to almost guarantee that it was planned.

Actually, when people plan things out, they tend to fall into common lines of thought. When something happens that is not within those lines, it is more likely that it is an unplanned event than a planned event.

In other words, this whole thing is so massively unlikely as to almost guarantee that it was unplanned.

Still watching DVDs? You're a planet-killing carbon hog!

Steve Knox
Mushroom

Lovely graphic

Pity it's been shrunk and compressed so as to be absolutely unreadable. You have the capability to include a higher resolution, "click-to-enlarge" version: I've seen you do it with graphics which don't need enlarging.

So why, whenever a graphic obviously needs it, do you steadfastly refuse to do so?

US DoJ to appeals court: Haha, no, seriously – Apple totally inflated ebook prices

Steve Knox

Re: It's interesting how everyone automatically trusts the DOJ, they don't have a stellar rep.

Your reference is:

1. An opinion piece

2. From 2012

3. From the Wall Street Journal

4. Behind a Paywall

So forgive me if I lend less credence to it than, say, an article from America's Finest News Source.

DUDE, WHERE'S MY CAR? New leccy BMWs have flimsy password security – researcher

Steve Knox
Boffin

Re: Ahem!

Actually, what he's advocating is security bolstered by obscurity. Security through obscurity relies on obscurity as the primary defense (e.g., a proprietary encryption algorithm, or even a hidden private key).

He's not saying that they should use obscure usernames and that's all, he's saying if they can use obscure usernames on top of a good password/encryption scheme, that adds an increased level of security. He's not saying rely on obscure usernames, but take advantage of the opportunity.

Furthermore, one's e-mail address need not have anything to do with one's login name, even within the e-mail system itself, beyond an association in some database.

Bing's the thing in Microsoft's push for cheap Windows devices

Steve Knox

Re: So where are the Whiteknighting MicroSoft Shister-Team

If you actually want to know the difference between this and OEM complaints about Android, tell me how one can manufacture an Android phone with Play Store and gMaps, but using an alternative search engine... even if I, as an OEM, am willing to compensate/pay Google for the privilege...

So your position is that Google Play Store and Google Maps are right as rain, but Google Search is somehow the devil? Play Store and Google Maps are not part of Android, they're part of Google Services. They are in no way required in order to have a functioning Android-based system. Tying them to your OEM Android requirement would be like tying MS Office to the OEM Windows requirement.

Dropping this specious condition, look no further than Amazon for a non-Google OEM implementation of Android. For phones, look no further than Nokia. For non-OEM, look at CyanogenMod.

Microsoft’s 'FIRST NOKIA' arrives at £89

Steve Knox
Meh

Re: Might consider this

Last night I discovered a new game, which I decided to install on both my cheapie Android tablet and my iPhone 5 as the game was available for both platforms.

The Android tablet gave a cryptic error message when I tried to install the game via Google Play Store. After a bit of researching (using Chrome on the tablet) I determined that I had to delete my account from the tablet, re-add the account, and then all was well.

The iPhone refused to even search for the app on the App Store. Safari was borked as well, so I couldn't research the issue on the phone. Went back to my desktop to research, and found out that I had to restart my phone, then install the latest iOS update, before I could use the App Store again.

So, my experience is that every device has its troubles. Personally, I'm more forgiving of these issues on a $100 tablet than I am on a $500 phone.

LifeLock snaps shut Wallet mobile app over credit card leak fears

Steve Knox
FAIL

PCI DSS is a BARE MINIMUM

Target and other recent targets were in full compliance with PCI DSS, yet they were still pwned because they were lax in areas where the PCI standards wrongly allow them to be lax.

So for a company whose reputation is based entirely on securing their customers' data, not even meeting the bare minimum, known-to-be-flawed PCI standards is an epic fail.

Job for IT generalist ...

Steve Knox

You may need to narrow your target

Aside from the good advice above, you may also want to look at the nature of the companies to which you're applying.

I find larger organizations (generally over 500 employees) or IT-specific organizations tend to have rigid structures with more specialized positions and requirements. Look for smaller firms: they'll be more likely to have need for a part-network-admin, part-dba, part-hardware guy. I also find they tend more to look at all of your qualifications and, if they like you, to adjust their organization (a bit) to fit you in.

Google Glass GOES GLAM, grabs Gap guru

Steve Knox
Trollface

"the seemingly simple, but truly audacious questions Glass poses,"

Such as,

Can Google singlehandedly make techies look as unattractive as they did in the eighties?

Will people really buy something that has the potential to record everything you see from a company which profits from knowing you more intimately than you know yourself?

and, of course,

Just how much over the odds will extreme technophiles pay for a new massively-overhyped gadget, anyway?

Boffins suggest storage be baked into mobile base stations

Steve Knox
Headmaster

Re: Boffin's say - FFS !

Since both of you failed to use apostrophes properly, I see no reason to consider either of your opinions, which is just as well, as I am an American who values both boffins and the term boffin, thus handily proving all of your prejudices expressed within this forum wrong in any case.

Steve Knox
Happy

"Their base assumption..."

Win for that, alone.

Boffins 3D-print biomimetic shark skin

Steve Knox

Cue the Next Controversy

Shark-skin Olympic swimsuits, anyone?

Scots team builds SONIC SCREWDRIVER to repair damaged nerves

Steve Knox

Re: Now there's a job description for you...

http://www.thefreedictionary.com/reader

First entry, definition 5 / second entry, definition 3a / third entry, definition 6.

Mozilla agrees to add DRM support to Firefox – under protest

Steve Knox

Not Quite

The W3C spec requires the use of proprietary Content Decryption Modules, ...

That statement is inaccurate.

EME requires the use of CDMs, which may or may not be proprietary. An open CDM is possible and is not prohibited by EME.

The choice of which CDMs are authorized to decrypt which content is given to the content producer, while the choice of which CDMs are available on a system is given to the system owner.

Boffins say hot air makes Antarctica colder

Steve Knox
Paris Hilton

Re: Warming more slowly=getting colder.

Care to counter science with science instead of mindless repetition of talking points based on a complete misunderstanding of the economics of scientific research?

Powershell Terminals

Steve Knox

You might want to check out http://technet.microsoft.com/en-us/scriptcenter/ee861518.aspx

There's a list of resources there, including script editors. I haven't gotten deep enough into PowerShell to be able to recommend anything, but I probably will need to soon, so I'll be watching this topic with interest.

Nintendo says sorry, but there will be NO gay marriage in Tomodachi Life ... EVER

Steve Knox
Facepalm

Re: "such a significant development change"?

Actually, I have worked on some very complex applications. They're hard to avoid when developing for over 32 years.

Much of my work on complex applications has been reducing complexity by removing duplicate code and simplifying overly complicated structures that hack programmers put in there because they didn't know how to properly optimize their code.

If they have a complex structure for gender, or they have duplicated the test for gender [in]equality multiple times within the marriage-related routines, then they're crappy programmers.

Steve Knox

Re: Who?

The only rights a customer has are to get what they paid for...

And there's the rub. What did the customer pay for? If the ad states that marriage [unqualified] is an included feature, how should that be interpreted?

We have societal structures to define marriage, but they're in flux, and besides that, simulation games are not restricted by societal structures. That is, in fact, the attraction of most of them: they allow people to explore possibilities they are unable to explore in real life.

If marriage is coded into a simulation game, code would have to be specifically written to check the genders of the two characters getting married. That means that gay marriage would be enabled by default in any such simulation, until someone deliberately considered the possibility and specifically chose to disallow the functionality of gay marriage. They would have to do additional work to turn off the possibility, as nicely illustrated by the "bug" allowing male-male marriage in the original release.

So it is not an unreasonable argument for a customer to claim that they believed "marriage" would not be restricted in the game, and it is an unreasonable argument to claim that additional development work is necessary to "enable" a feature which had to have been intentionally disabled to begin with.

Steve Knox
FAIL

"such a significant development change"?

If it's not a simple boolean check, their programmers suck.

The ULTIMATE space geek accessory: Apollo 15's joystick up for sale

Steve Knox
Headmaster

Re: Eh?

Wrong question.

So, how come this joystick still exists?

If your other assumptions hold, this joystick would still exist in some form in some place. I think you meant to ask:

So how did this joystick come to be here?

Moving on:

Did Scotty dismantle this prior to stage sep before de-orbiting, and then carry an extra, unplanned object of unknown mass back in the CM to Earth?

Well, it wouldn't be the first, nor the last, time. For example:

http://www.dailytech.com/Camera+Used+by+Astronauts+on+Moon+Pulls+940+Gs+at+Auction/article34582.htm

Steve Knox
Joke

Hmmm....

I have been looking for a new gaming controller...

Would make the odd Lunar Lander stint that much more immersive...

How Google's Android Silver could become 'Wintel for phones'

Steve Knox

Re: misreading history ?

That battle was almost entirely server-side, as Intel never got the Itanium down below workstation-level pricing.

Besides, it was Intel's battle to lose. Y'know the x86 part of x86-64? Intel owns that. They lost that battle, but would have gone on to win the war either way.

Symantec: Antivirus is 'DEAD' – no longer 'a moneymaker'

Steve Knox
Thumb Down

Re: 1000 thumbs down can't be wrong

And you should have gotten those 1,000 thumbs down.

Whilst AV is not perfect, it does have its use. I'd agree that you shouldn't use shite, like Symantec's or McAfee's offerings, but a good free individual solution like MSE is a necessary part of protecting a Windows PC.

Good AV doesn't waste time trying to protect against unknown threats because those are properly in the domain of firewalls, user restrictions, and system file protections.

The audit tools you described are worse than useless, because they don't prevent anything. "Hey, spyware.exe just replaced explorer.exe and sent your password wallet to somewhere in the Czech Republic. Have a nice day!" doesn't help the fact that your computer is now toast and your online accounts are soon to be.

Review: GFI Cloud eliminates need to nursemaid Windows

Steve Knox

Pics, or it didn't happen

Agreed.

Trevor, you spend a lot of words describing the interface, which still doesn't tell me, for example, where the "Network button" is or what it looks like. One screenshot would give all of those words context and meaning.

HALF of London has outdated Wi-Fi security, says roving World of War, er, BIKER

Steve Knox

Security is like an onion

Our guest WLAN at work is WPA2 encrypted and we have QR-Codes for smartphone and tablet users to set up the connection automatically and the password is available upon request for PC users.

So all I need are some stickers and I can mess up your guest WLAN, or worse, send your tablet/smartphone users to my malware-ridden network or site instead?

Hypothetically, of course.

Super-heavy element 117 DOES exist – albeit briefly. Got any berkelium handy?

Steve Knox
Happy

Re: 'What any black mulberry tree knows'?

Morus can also mean fool. But your translation is acceptable.

Steve Knox

Re: What? Renaming atoms?

1. Those names are provisional names which are just Latin forms of their atomic numbers (quod ullus morus scit.)

2. Provisional names are reserved for elements which have not been discovered and verified.

3. Giving discovered elements non-provisional names provides a quick way to identify what has actually been proven to exist and what is only theoretical. Your electronic periodic tables are incorrect if they're marking 113, 115, 117 or 118 as actually verified.

4. It also provides job security in the economically influential periodic table printing industry. Keep refreshing those posters and shower curtains every time a new element is created: you're supporting tens of jobs.

Larry Ellison looks out from his island paradise and thinks: I wanna buy the LA Clippers

Steve Knox

Re: Ellison may not want it, though

The only people who support Sterling are those who don't understand the difference between free speech ("I may disagree with what you say, but I will defend your right to say it...") and consequence-free speech.

Free speech means that the GOVERNMENT should not be able to prevent you from saying something (or punish you for doing so), except in cases where saying that thing creates a specific public hazard (e.g., shouting "FIRE" in a crowded theatre.)

In Sterling's case, as in Eich's before, the US government is not involved. Instead, it is societal pressure which is being brought to bear. Trying to prevent societal pressure is actually contrary to the principle of free speech, as it requires the use of regulation to hinder the individual speech of which that societal pressure is made.

My experience has been that supporters of "consequence-free" speech (whereby society is essentially vilified for reacting to free speech) have largely been concentrated in the political right in the US, but that is merely opinion, not valid statistical data.

Microsoft's Azure cloud goes a bit wobbly in West Europe

Steve Knox
Trollface

It's your fault

If you'd allow MS to store copies of all of your data here in the US, they could just redirect affected customers to a US mirror.

Did Google order staff to 'steal' web ad cash from publishers? THE TRUTH

Steve Knox
Paris Hilton

'lay-offs if they failed to "enforce the company's wishes."'

Why not just fire them for not doing their jobs?

AMD adds ARM security core to new, low-cost x86 mobile processors

Steve Knox
Trollface

"Fan-free Beema and Mullins chips add Android support"

Hasn't one of AMD's biggest problems recently been that much of their product line has been fan-free?

Thank you, remember to tip your waitress.

True optical zoom coming to HTC smartphone cameras

Steve Knox
Paris Hilton

NOOOOooooooo!

NO optical zoom on selfies PLEASE. I don't need to see more details on any of those faces...

NASA finds first Earth-sized planet in a habitable zone around star

Steve Knox
Happy

Around a red dwarf you say?

Shall we name it Fiji, then?

BOFH: Oh DO tell us what you think. *CLICK*

Steve Knox

This boss appears to be worthy enough for Simon and the PFY to actually induct him into the Arts of Bastardry rather than do him in.

The two are not mutually exclusive.

They generally let a few secrets loose shortly before the offing -- gives them a little more motivation.

Steve Knox

Re: Oh, to be a fly on the wall...

I'm not certain that anybody would survive the experience, but I'd pay good money to watch Dominic against the BOFH in an interview...

Whilst it might be fun to watch the fur fly, there's the much more sinister possibility that they actually get along... Would it be worth the risk?

A black box for your SUITCASE: Now your lost luggage can phone home – quite literally

Steve Knox

Re: Why?

They should have made it more useful - a timer starts after the first SMS is sent. You inform airline that it is out of your control - unless the timer is reset by your fingerprint in 24 hours, the case will explode. That would get it back quick enough...

No, that will get it blown up by a bomb squad at whatever airport it's in, and you twenty or more years in the nick.

Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run

Steve Knox
Coat

Aw, come on guys...

This ain't exactly rock.... what? Oh it is? Precisely?

Never mind.

SpaceX Falcon tests hovercraft tech – despite ISS outage

Steve Knox

Re: ohoh

Resources maybe, money is quite often a wash. Remember it frequently costs more to fix things than to make them from scratch these days. And I say that as someone who'd really rather fix than replace in most instances.

Since the only long-term value of money is as a proxy for finite resources, this says more about the weaknesses of our economic systems than it does about the validity of the reuse philosophy.

It may be ILLEGAL to run Heartbleed health checks – IT lawyer

Steve Knox

Re: Trusting trust

@Pete 2 - Agreed. +1 for the Ammonia Avenue reference.

@heyrick - if you don't trust them to provide you with accurate and necessary information regarding the security of your data on their server, why are you trusting them with your sensitive data at all?

Citrix, Google kick XP's still-twitching corpse

Steve Knox
Coat

Sure, but...

can they pipe Crysis?

The Great Hash Bakeoff: Infosec bods cook up next-gen crypto

Steve Knox
Paris Hilton

Re: Having a cracking time

The ideal password security system would contain features that would be unknowable to, or unusable by, people to whom the security credentials did not belong.

Given the repeated findings that people give up their own passwords under the flimsiest of pretexts, the ideal system would contain features unknown to the very people to whom the credentials do in fact belong.

SQL giant Oracle plans NoSQL standards body – top Reg sources

Steve Knox
WTF?

Standards!?

The emphasis of the standards body will be on go-to-market strategies, marketing, promotion and further commercialization of the technology rather than defining technical specifics, we understand.

What strange usage of the term "standards body" is this? Sounds more like a sales team.

Judge strikes down Apple attempt to bar Samsung's 'untrue' patent comments

Steve Knox
Holmes

I've figured out the cause of all this.

No, it's not the late Steve Jobs' "war on Android" comment.

The problem is, Apple has too much cash hanging around.

See, their shareholders have been pushing for payouts, and they don't want to pay out. So (here's their mistake) they went to their lawyers looking for a way not to pay out. The lawyers' response:

"Well, some nice costly lawsuits (patent ones, for example -- we could really draw those out forever) could convince the shareholders that you need to hold onto that mountain of cash as a legal reserve..."