To be fair, it is no worse than their false positive rate for four months of Skype activity.
Posts by Adam 1
2545 publicly visible posts • joined 7 May 2012
Page:
UK smut filter may have sent game patch to sin-bin
LogMeIn: We're stopping our free offering from now
Redmond researchers profile Skype scammers
Good news: 'password' is no longer the #1 sesame opener, now it's '123456'
VCs drop cash on DropBox, bestow $10bn valuation
Tuesday 21st January 2014 01:12 GMT
The problem I have with dropbox and similar services is that your don't get a say where your data is held and you rely on them to have appropriate security arrangements. I use btsync myself because there is no third party holding your data. The main downside is you can't just send a file by URL and that the syncing will only occur while your computer is on.
Obama reveals tiny NSA reforms ... aka reforming your view of the NSA
Saturday 18th January 2014 02:13 GMT
Re: "Having faced down the totalitarian dangers of fascism and communism"
> If it weren't for the involvement of the US in WW II, most of Europe might be speaking German today
Good Lord. I don't wish to downplay the significant role that the US had in both Europe and Pacific both directly and indirectly, but you do owe it to yourself to actually read something on the matter rather than assuming saving Ryan's privates is all there was.
The eastern front and particularly Stalingrad was much more strategically significant than DDay and the allies were helped by Hitler's military stupidity going for the symbolic battles against Moscow and Stalingrad rather than locking up the oilfields and building massive battleships rather than the uboats that were crippling British supply lines.
Not to mention the Italians cocking up in Greece and Africa and needing to be rescued by Germany.
The US did help prevent western Europe having a new language but that language was Russian.
NSA: It's TRUE, we grab 200 MILLION of your text messages A DAY globally
Friday 17th January 2014 22:11 GMT
Re: "Lawfully collected"???
> But who made it legal in the UK for a foreign power (the US) to snoop on us without a warrant issued in the UK (and the same applies to every other non-US country)?
Hate to break it to you but UK law has no jurisdictionoutside the UK beyond treaty obligations agreed between the countries. That is why women are allowed to drive in the UK in spite of backwards laws in some other countries that forbid it.
Java, Android were THE wide-open barn doors of security in 2013 - report
Friday 17th January 2014 09:02 GMT
> malware developers in the mobile realm seem laser-focused on Android, with Android users experiencing nearly three quarters of all encounters with web-based malware in 2013.
Wouldn't that be expected given that android claims about 75% market share? Isn't that like saying Toyotas are less safe than Porsches because they are involved in more accidents?
Ian Williamson: The engineer who gave Sinclair his first micro
Mountain bike mishap man suffers SEVEN WEEK stiffie
Hubble 'scope snaps 600-LIGHT-YEAR-wide pic of star-spawning nebula
Remember when SimCity ABSOLUTELY HAD to be online? Not any more – fancy that!
Cicada 3301: The web's toughest and most creepy crypto-puzzle is BACK
'Leaked' iPhone 6 pics will make cool fanbois WEEP - it's a PHABLET
Europe MPs: Time to change our data-sharing policy with US firms
BlackBerry sues American Idol host's company for 'blatant' patent infringement
iPhone fanbois outsmart fandroids in totally reliable test of brain power
Australia puts 300 sharks on Twitter
CryptoLocker creeps lure victims with fake Adobe, Microsoft activation codes
Thursday 2nd January 2014 23:04 GMT
Re: So what can be done to nobble the Crypto API ?
If only it were that simple. If the Crypto API was nobbled, it would break the ability to perform authentication (validating password hashes for logins / network shares) and break the ability to generate and validate session keys (https). It would also break any application relying on the API (usually random number generation, encryption for secure data transfer or hashing).
Additionally, it would be ineffective because there are countless libraries that provide the same functionality. It would increase the payload size of the malware by a few hundred KB but that is about all.
Acer C720 Chromebook with Haswell battery boosting goodness
Saucy Snapchat addicts EXPOSED: Exploit code to poke holes goes wild
Apple wants sales ban on Samsung smartphones nobody is selling
Get lost, fanbois: Nokia pulls HERE Maps from Apple's App Store
Want access to mobe users' location, camera, phone ID? EXPLAIN YOURSELVES - ICO
Tuesday 24th December 2013 12:11 GMT
Re: Can't say no..
In principle you are right, but it is not possible for developers. The security model requires all permissions to be identified in the manifest "upfront". There is no way for a developer to indicate whether a permission is mandatory or optional. There should be but there is not.
For example, Bittorrent Sync requires has some pretty obvious permission request which the app would be useless without (full network access / USB storage). But it also allows you to generate a QR code to setup a sync folder. This means it has to request access to the camera. This means they either have to request that token, not offer the feature, or offer umpteen versions of the app with various combinations of permission requests.
Tuesday 24th December 2013 09:57 GMT
Dear Google,
Please provide a way of:
1. Allowing developers to explain next to each token the reason they need it. Some apps do this in the description or FAQ, but on the popup with a big red "We're not telling" by default will encourage some disclosure.
2. Allow selective denial of permissions.
Thanks
RSA comes out swinging at claims it took NSA's $10m to backdoor crypto
Tuesday 24th December 2013 09:42 GMT
@AC, it all stems back to who you think their customer is.
I remember the Trustwave CA signing the root certificate for surveillance controversy from a few years back. The only use of a CA is to tell you whether the server you are talking to matches who they claim to be. If that is not what they are doing, then they are failing their job to prevent man in the middle attack.
The difference here is obvious but the reasoning for the outrage is the same. For what purpose does RSA exist if not to provide secure communication between devices? If it knowingly allows this to be compromised, then it is of no value to me.
I have no problem with it offering Dual EC DRBG as an option, but it should have been actively advising against using this since 2007 when the backdoor was found.
Gift-giving gotchas: How to avoid Xmas morning EMBARRASSMENT
Tuesday 24th December 2013 03:23 GMT
Re: Just a moment on camera battery advice
One other thing I didn't want to get in to, or we'd have spent the whole article talking about batteries, is of course that some makers have firmwares that reject third party batteries, so you need to check that first, if you're going to buy extras so you don't waste money buying such a device.
/Fixed
Silk Road 2.0 busted! At least two arrests as federal crackdown begins
You've got $60k: So, 2013 sporty Corvette, or a year of AWS's new I2 beast?
Code-busters lift RSA keys simply by listening to the noises a computer makes
Mozilla: Native code? No, it's JavaScript, only it's BLAZING FAST
Friday 20th December 2013 20:15 GMT
Re: Very Nice Mozilla @Adam1
Some functions of Firefox require more than 64KB of addressable memory which rules out a 16 bit address space, but why not try to answer the question?
64 bit processes can do some ops faster like floating point manipulations but it makes other things slower like copying pointers. The main advantage from a browser's point of view is the ability to make use of 2GB RAM which makes a lot of sense when your 25 open tabs are combined in one address space with the 8 plugins also loaded, but if you have already separated it into a process per tab model then you are probably a long way south of 2GB.
Or have I just been trolled by an rf -rm handle not noticing the advocation of threading and missing the irony. If so, well played sir.
Proposed California law demands anti-theft 'kill switch' in all smartphones
Friday 20th December 2013 07:08 GMT
I doubt that bargain bin phones are really the issue these days. By the time your IMEA is blocked you have a toy that can't connect to the mobile network . Given the specs of landfill android and winphone that market will only shrink.
A more likely scenario is that your phone is still stolen, pulled apart and then sold as a refurbished battery, screen and ųSD card.
Biting the hand that feeds IT
