Posts by Voland's right hand

Re: Next time I have a hardware procurement choice....

I do not quite see your point. The problem is not Dell (or Lenovo) hardware. It is the complete and utter incompetence in bundled software. That is common across the board in most hardware manufacturers. They "Do Not Get It". It does not matter what you do in software - you may walk on water, feed the hungry, etc, a geezer in the hardware department which has managed to reduce the number of capacitors on the board by one will get a bigger bonus and more kudos than you.

So rather unsurprisingly, they suck bricks in software (something which makes me wonder about the wonderful EMC deal as storage == 90% + software).

The solution to this is not to blacklist their hardware. It is to wipe their software and install from retail media. C'est la vie - it is something you have to budget for when buying a PC if you want it to work well.

You missed the point

It is exactly what Mbeki from the Dell Service Department in Lagos needs. He also needs your credit card number and the CVV code, but that is something he will get via a minimum amount of social engineering.

Re: Lacking context here

It is monetized. The engine design has been purchased by the United Launch Alliance. Effectively the usual suspects - Boeing, etc have conceded that Besos has done a better engine design than them.

We will see on the actual landing mechanics - I suspect that will be monetized as well. The rocket showed some very impressive stabilization capabilities.

The difference between Bezos and Elon is that Bezos as a habit monetizes by component not e2e - every single piece of the Amazon puzzle can stand on its own starting from the backend (which is now AWS) and to the logistics. This is no different - it is being monetized by component.

Re: The "attack" described is not on the messaging, it is on initial authentication

Well, where else do you get 'em if not at the initial authentication? That's how you MITM everything AFAIK.

Initial authentication in the Telegram case is same as ssh - recognize other party's key and cache it. That allows MITM with any system (ssh, OTR2, etc). For that, it does not look any better or worse than any system which does not rely on x509 certificates (again, ssh or OTR2 are examples).

The more interesting MITM would have been a MITM on sessions. Now that would have been an encryption failure.

While Moxie is generally right, he sets the bar too high. There should be encryption for the masses and this looks like a reasonably good implementation of a mass market encryption product. Not as good as the top of the line stuff, but miles ahead of what you get out of the box.

Re: Good

The fine can be any size. Company folds, no fine is paid, director starts another company, rinse, repeat.

As long as the fines are not personal and the penalties are not criminal this will not stop.

Re: Key Homo Sapience species trait

Er, people aren't starving because they're fussy eaters.

Nothing to do with eating, to do with growing. My dad, grandad, grandgrandad, ... has grown ALMONDS. I SHALL GROW ALMONDS TOO. Oh, shit no water around, that is a problem, how about growing wheat or barley? NO I SHALL GROW ALMONDS and I shall call my congresscritter/congress of people's deputies rep/Grand theocrat/whatever to ensure that my ALMONDS GROWING interests are not impinged on.

Depending on the region, search and replace ALMONDS with rice, potatoes, olives, grain, etc - you name it.

Re: what's stopping me

I think you missed the point (and so did the article).

This is a kvm replacement for OpeBSD. Even if it runs just Open/Free/NetBSD and Linux initially as guests that is still quite valuable for environments where you want a bomb-proof hypervisor.

Re: One less now...

Well, if you're using an adblocker they aren't making any money from you.

They are - by trawling your email, building a martketing (not just advertising) profile and selling it to someone else. The fact that they are selling somewhat damaged goods and the profile is not usable by the advertiser because of APro in that case is not so relevant. It can be used by other means - it will now change the selection of what is "related" offered on various e-commerse sites, etc. All stuff marketeer scum loves.

Re: Haven't a clue

As soon as you start with bounties, [bad guy warlord supporter] will hand over [insert rival warlord], get some hard currency to carry on their work while you do their dirty work.

That is fine - the process reduces the number of warlords over time. A few rounds and they are down to:

1. A much lower number than now.

We presently have several _THOUSANDS_ of terrorist organizations and groupings in North Africa, Middle East and Afghanistan/Pakistan competing to get the world's attention. That is the biggest problem and the rationale for the surveilance - they are so many that we can no longer target them via humint and track them.

2. The survivors will be well known. No more obscure Al-clusterf** of the day from village in the middle of nowhere (insert your rural backwater salafist community of choice).

Now terminate the remaining ones by conventional means (Expendables, Soldiers of Fortune working for the bounty or just a hellfire missile through the window).

Re: This one is a known "immune system modifier"

Time to scour this worms waste products for antihistamine compounds and/or hormonal stimulants/depressors, methinks.

They are being scored. Off the top of my head there is at least one guy in Oxford Uni who is working on that. There are a few places elsewhere too.

Re: WRONG

Why fake? Full body burka and any female ID card with a middle-eastern sounding name will do.

Intelligence services are once again coming under correctly-directed fire

Not quite. They should come under fire that they had all the data needed and failed to connect the dots.

The biggest problem of intelligence today is not the lack of information, it is the information flood. The final links in the chain - the humans that are supposed to evaluate the processed information and make decisions are overwhelmed.

Banning or backdooring encryption will not help this one in the slightest. In fact, just the opposite. If they cannot handle the flood today, how the f*** are they going to handle the deluge in that case?

Re: You get what you pay for

Nothing to do with that. The picture is typical of embedded programming.

Updates? What updates. OS and 3rd party components are used at base versions and never updated. In fact there is no way to update them. There is nobody in the company keeping track of security issues with them either. No security awareness, no defensive programming, no... This is for _BOTH_ onshore and offshore. It comes with the territory.

However, the whole thing is proudly embedded (I have wished many times to embed the keyboard of one of these jockeys in his skull).

They have moved

f the EU gps companies ei Tom Tom etc don't want to lose business let them move into the modern world and produce a better product

They have. Tom Tom maps are licensed to Sygic which on Android beats Google Maps hands down. I have clocked in excess of 18K miles around Europe using it and compared to it Google Maps are still (till this day) a joke. Tom tom also has its own app for Apple if memory serves me right.

You get the cookie if you click

You get the cookie if you click as well as if FB CDN displays anything on your machine. Logging in is unnecessary.

You also get it if you are served that "in-your-face" "people like it" dump which some websites hit you with.

In either case there has been no request of consent to track as required by Eu directive so FB is going to find itself on the wrong side of the Eu data protection.

Re: ERR.. NO...

But you're ignoring the central issue that containers are not a replacement for virtualisation in most scenarios

Container IS a replacement for Vmware in most scenarios in a Linux shop. The sole reason you are virtualizing is because the Vendor and or IT OPS are incompetent to package something correctly so you cannot run the apps on a shared platform and you need to reuse servers for multiple apps for cost reasons.

This use case does not require IO isolation, different kernels, etc. All you need is to application isolation and some level of resource management which containers are perfectly capable to deliver. Even the most basic container environments like LXC can manage IO limits, memory limits and if you know what you are doing you can manage network limits and network QoS on the platform.

Typical example - 7 slightly different build environments for 7 releases/branches of an app using something broken that refuses to play ball to share its toys like java/maven + OSGI. Sure - you can VM it. That is both stupid and incompetent as all it needs is 7 containers. Web apps - even more obvious example. Databases - same story. And so on. It is only when you reach the point where you need to run the company firewall in a VM where you need VM level of isolation.

Re: I would build down not up.

Second thought.

For the same cost as building under the ground you can build under the Gulf/Indian Ocean/Red Sea/etc. That does not get hotter than 30C even in a 50C heatwave

Re: She's still there

Why specifically Talk-Talk - most UK PLCs are not any different.

Re: Probable Cause

It's a prop.

It used to work. Al Pacino burned his hand on the barrel when filming.

So it definitely could shoot blanks when Scarface was being filmed.

Web blurb is meaningless

The web site is all marketing and no substance, but it looks like it carries some sensors in addition to the notifications part.

There are two gadgets that look like fashionable take on fit bands and a relatively conventional Fossil watch.

Probably for the better

If they could arrest for the contents of minds I would spend the rest of my days in jail.

Search - maybe

Search ~ maybe

OS == No. That is not a contestable monopoly. This has been proven in multiple court cases - Microsoft, IBM, etc.

OS + Search == Definitely No

OS + Search + Browser == Hell No

OS + Search + Browser + IM + Social + Payment + Office == Lucipher on a snowplough clearing the runway for the Porcine Attack Squadrons for it to be a contestable monopoly. You will need the GDP of a Top-7 economy to even consider it.

Nah, MOTs typically don't measure for specific, type approved figures on CO2/NO2 etc - just 'safe margins' IIRC.

Mots check for implementation of mandatory recalls and fixes. This would be the first time it applies to emissions though. This has been used so far only for things like seat belt failures on the mid-1990es Nissans, etc.

Re: Going out on a leg here, but...

32 - yes. 64 - I doubt it.

Wrong

Even in pure EGR designs like Isuzu the real life emissions are not far from the lab. BMW, Daimler, etc have all managed emissions in real life which correspond to real life reasonably well (less than 3 times difference). There is only one other manufacturer which has an order of magnitude difference between lab and road.

I am going to venture a guess why. This is a natural result of a company which has elevated Branding to and above the level of Engineering in a business that is by its nature engineering driven. VW is the only car company which has an EVP solely in charge of branding and at the same (or higher) level as the director of engineering.

It is also a company which does not follow the best R&D practices where you develop something, push it out in small quantities to a particular (and usually well known) pilot brand and promote to your main stock only if it works in the field. It originally set-up Skoda/Audi this way and by sequential orders of Branding and Marketing over the years rolled back that division to the point where VW separates solely on the basis of what trim and how plasticy is your car trim. There is _NO_ pilot series and no natural "promotion to mass manufacturing" any more. Branding and Marketing also put the stake through the original idea of Skoda being the testbed for new tech from 12 years ago (that lasted as long as Fabia Mk1 and Octavia Mk1).

As a result, any major changes as needed for example to comply with new emissions regs, end up as extremely high risk as they are not tested properly in small series on the road first. This, in addition to shiny-shiny being given higher priority than actual engineering results in a natural tendency to cheat. Nothing surprising here.