* Posts by Adam 1

2545 publicly visible posts • joined 7 May 2012

Google to crack down on apps that snoop

Adam 1

Re: Opt out

Android 6+ changed the permissions model from an all-you-can-eat buffet to ask-on-first-use. Basically the same as iOS. That is definitely a good start. Could it be improved? Well, I guess you could add a preemptive decline feature (seems to be what you're looking for). I can't see why they can't allow mock virtualized data points. App wants location? Why not let me choose an answer from Google Maps to tell that app whenever it asks. App wants contacts? Let me pass it a fake address book. App wants access to the file system? Let me pass it a virtualized version safe in their sandbox.

Tbh, the biggest failing with Android permissions is the fact that so many phones are still sold with Android 5 and will never see an update.

Dirty COW redux: Linux devs patch botched patch for 2016 mess

Adam 1

Re: Huh?

> The BSDs don't use the Linux kernel and neither do the commercial UNIXes like macOS, AIX, Solaris and HP-UX.

Although it must be conceded that relying on a copy on write bug to get root on MacOS is a tad unnecessary.

Drone collisions with airliners may not be fatal, US study suggests

Adam 1

Re: Chicken cannon/ This:

> If he hadn't discovered gravity then the aircraft would just have floated gently back to earth

Speak for yourself. Down under, the prospect of such a failure means that your aircraft slowly drifts into deep space.

Expert gives Congress solution to vote machine cyber-security fears: Keep a paper backup

Adam 1

Re: Chain of evidence

> This less than a year after my vote in a local election tied one race

I note your local election and raise you a whole state senate election.

Apple iOS 11 security 'downgrade' decried as 'horror show'

Adam 1

Re: I don't get this article at all.

> There is no way to reset that password, because the backup is encrypted with that password

Highly unlikely (and pretty dumb security wise if true). The backup will be created with a randomly generated key. That key will be encrypted with your password. To change a password, it can retrieve the random key with your old password, then re-encrypt it with your new one. It only needs to overwrite a few KB to change a password.

Guilty: NSA bloke who took home exploits at the heart of Kaspersky antivirus slurp row

Adam 1

I have a real beef with pho. Absolutely delicious.

Adam 1

all this focus on pho...

Shirley the bigger concern is that their developers are able to get that off their secure network, apparently without detection. There's got to be some alarm bells there.

User dialled his PC into a permanent state of 'Brown Alert'

Adam 1

Re: Haunted messages...

> Apple Remote Desktop used to have a lovely "play sound" function, as well as the capability of turning the microphone on remotely

Pretty sure they just brought that feature back. Have you tried logging in as root and pressing the OK button twice?

Adam 1

Re: USB mice are fun...

> Wireless dongle on the back of the tower, wireless mouse on another desk in range

Plugging in the receiver to the port inside the case itself is much more fun. So I've heard. Mate of a mate.

What will drive our cars when the combustion engine dies?

Adam 1

Re: fossil fuel - we're addicted.

> For an average 50 litre fuel tank, that's about 400 kWh of stored energy

The vast amount of this stored energy is used to warm the air just behind the vehicle. Of the remaining, a rather substantial proportion is used to warm the brake pads. Only a very small fraction is actually able to be used for propulsion and running ancillary systems (A/C, radio, lights etc) which we would consider as "useful work".

Unless an EV needs to replicate such wastefulness, it doesn't need that sort of energy density. Frankly, a 1 minute fast charge is a pipe dream, but a 1 minute swap and go is not beyond our engineering capabilities today. Creating a non-patent-encumbered standard that is somewhat future proof and workable for all manufacturers? That's a much tougher nut to crack.

Ad-filtering fiend Eyeo: Morning has broken, like the first morning

Adam 1

Re: Simple rules

I have no problems with your rules, but there is something still missing. Advertisements, by design, are an attempt to distort your perceptions of a brand in order to manipulate the way that you will behave. There are a number of reasons that an advertiser may wish to do this.

Firstly, the obvious case of pointing out the inadequacies of your existence without their good or service reaching new markets.

Secondly, the case of pointing out how their competition is not able to solve your inadequacies brand awareness.

Thirdly, the case of burying bad press reminding the public that we value your privacy/the environment/customer safety/diversity/safe workplaces for women/whatever else we've done to be a headline. You should totally love us.

Even ads that pad all of your rules with flying colours are no doubt trying at least one of the above three things.

Pro tip: You can log into macOS High Sierra as root with no password

Adam 1

I knew there must have been a superfluous GOTO FAIL; in there.

Don't shame idiots about their idiotically weak passwords

Adam 1

Re: "Gameify" it

> You need another 47 points to unlock 12 character passwords *and* two new login images!

Cyber Monday special: Unlock 12 character passwords *and* two new login images for only $3.99

Offer may not be used in conjunction with any other offer. Individual images may differ from store to store. While stocks last. Any similarities with offers in EA games are purely coincidental.

Adam 1

Re: "If your password is brute-forceable, you shouldn't be using it."

> Any password can be brute forced given the time and effort required. This is a completely incorrect way of thinking

Only if you ignore the heat death of the universe. A 15 character random password made up of randomly chosen upper and lower case English characters, if brute forced at a leisurely 60 billion guesses per second will be brute forced in on average 14.5 billion years.

Adam 1

> So unless they get your password on day 89 of your 90 day rotation period, it doesn't actually offer that much protection.

I disagree. How many breaches have there been which surfaced literally years after the data had been compromised? Imgur the other day. Yahoo a few years back. And probably no less than half a dozen other publicly known breaches in the past few months that I can't be arsed googling for right now. How many have been stored inappropriately using unsalted hashes? Understanding your risk landscape is crucial. How many of your live passwords are sitting there on that not yet fully decommissioned server which hasn't been patched properly because it is running 2003 server or something? Or on that external HDD that the last IT guy cloned the server to during the last migration? Is that going to be diligently wiped? Or how many .bak files are sitting there on a misconfigured web server just waiting for Shodan to index them?

None of that eliminates the need for IDS or monitoring those 3am logins from Eastern Europe, but the best security approach we know of is a layered approach. One of those layers is to limit the ttl for a password itself. Every month is pretty stupid, but twice a year gets the security/convenience trade-off to a more reasonable point.

Oh, and for the love of all things... Don't mandate special characters and numbers and the like. It's the size that counts. Not what you do with it.

.GIF garage Imgur plugs 1.7 million-subscriber creds breach

Adam 1

Unless it is published somewhere or someone tries to blackmail them, or a suspicious enumeration pattern is detected, then why is it such a surprise that the vendor wouldn't know? If whatever IDS they use (or don't, as the case may be) didn't detect the leak, then you don't know what you don't know. In a good deal of cases, the breached data might be circulating but no-one knows the origin site. By all means, rouse on them for losing data that should have been private, but that turnaround time is impressive.

'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal

Adam 1

Re: Economics of software security?

> "To the extent not prohibited by law". i.e those words are a waste of space as they have no legal standing at all but are just intended to persuade someone not to attempt to exercise their rights.

Disclaimer: IANAL

Whilst that may be a convenient side effect, I believe that this phrase is legally significant in its own right.

Where that clause or equivalent is missing and the wording of the disclaimer is illegal (ie. Denies protected rights, very common with warranty and fitness for purpose disclaimers), the whole clause can be struck out by a court if challenged. That can leave the company horribly exposed. This clause gives them an out in many cases because their defense is that because they explicitly exclude your lawful protections from the restriction* they cannot be accused of trying to usurp them.

*Which Jo Average often does not realise even exist.

Pro tip: when trying to claim under warranty and the retailer and/or manufacturer are not playing ball and a reasonable impartial person** would agree that you have a case, using the right key phrases as expressed in your consumer protection laws goes a long way to getting your issue resolved.

** That requires some humble pie and not your BFF on twitface.

Forget Sesame Street, scientists pretty much watched Big Bird evolve on Galápagos island

Adam 1

Re: I was taught...

> have you ever tried jamming a USB cable into a Firewire port?

No, but by my reckoning we should see a new species of cat5/USB anytime now.

Ads watchdog to BT: We say your itsy bitsy, teeny weeny Ts&Cs too small for screeny

Adam 1

it's also the guarantees

Our local express post service guarantees next day delivery with the usual asterisks talking about metro areas only. So what is the remedy if they fail to deliver? Why sir, you are entitled to a free replacement express post envelope to equal or lesser value.

It is also amazing what bits of your car are not considered by the manufacturer as covered if you need to claim on warranty. Furthermore, they don't have the balls to publish the number of years/kms that they claim is an acceptable life of a component. There is no way that you would buy a car from a manufacturer that publicly stated that their gearboxes were only good for 60,000K in a pre sales environment.

Adam 1

Nothing wrong with 'up to'.

No matter how hard you try, you won't find anything better than a 25% discount.

No matter what ungodly hour you wait up until and how close you are standing to our phone mast, we promise that your 4G connection will never give you a better speed than 50Mbps.

That's how I read such sentences anyway.

Adam 1

Re: I see what you did there

> Please don't encourage them, it will only get worse!

You pessimist. Do you believe if we threw it all away things can only get better?

SagePay's monster wobble... On the third day of sale week, UK retailers start to weep

Adam 1

And for the record, this is how a grown up service should apologise.

Arm Inside: Is Apple ready for the next big switch?

Adam 1

Apparently the other mob are going for better performance and less waiting around.

As Google clamps down, 'Droid developer warns 'breaking day' is coming

Adam 1

Re: So, No Other Google News Today, Then?

> It's like me farting in south wales and somebody detecting a whiff of that fart in scotland levels of sensitive.

Ah, so it was YOU!

More than half of GitHub is duplicate code, researchers find

Adam 1

padleft

If I one day hate myself enough to get back into JavaScript, I'd probably want a local copy of any NPM in case some function went missing...

Seriously though, I'd like to know a lot more about their methodology before getting my pants in a twist. I have seen dup checkers complain about nunit test cases being too similar. And yes, you probably could have extracted 2 lines of the arrange into a private method so the three test cases with those lines could share it, but then to describe those two trivial lines of code you would need to spend a month of Sundays trying to come up with a sensible name, and this is somewhat missing the point of refactoring.

OnePlus 5T is like the little sister you always feared was the favourite

Adam 1

Re: Fingerprint sensor on the rear

@MrBanana,

I find the old school switches/buttons and knobs far better than the same option through the touch screen. Whilst I *can* change radio stations or audio source via the touch screen, I only do that if safely stopped because a touch screen requires you to divert your eyes from the road and physical buttons do not. When I'm driving, I have a job to do and a responsibility to others to do that job competently. That requires full attention and correct body positioning to take evasive action if the need arises. Using a touch device, no matter how well it is otherwise designed, is incongruent with this responsibility. You (general you, not MrBanana specifically) are not so important that your right to fiddle with devices or check messages usurps someone else's right to safety. If you just must check that beep or send that message, then pull over and then knock yourself out.

DNS resolver 9.9.9.9 will check requests against IBM threat database

Adam 1

https://www.ebay.com/new-or-unused/bridges

Resolved: 104.83.251.239

Works perfectly.

Car tax evasion has soared since paper discs scrapped

Adam 1

> Abolish road tax and put it on fuel instead.

Not the smartest idea. It is both unsustainable and regressive. It is unsustainable because a significant percentage of vehicles in the next decade will be PHEVs or EVs. We can agree to disagree on the rate of growth of these categories, but price is coming down, choices are increasing, range is increasing and a shed load of money is going into R&D, so it will increase over time. That also drives the regressiveness. It is the wealthy who can afford such cars, so they are the ones getting the tax break. The poorer folk fighting to keep some old rust bucket alive are the ones who get hit with this tax worst (that is true even today) but because of the reduction in tax take, the rate gets increased to retain the total revenue.

We saw something similar here (down under) with our power grid and the growth of home air conditioning. Back 30+ years, it was somewhere near 1 in 4 houses that had it. Today, every new house/unit has it almost without exception. Every renovation adds it. The extra draw on the grid means that* the distribution gets expensive upgrades to cope with the <50 hours a year where all those units are simultaneously on. Furthermore, old, unreliable, and inefficient power plants at retirement age get billions pumped into them to keep them on life support for another 5 years. It's hard to complain** if you are sitting there in your A/C, being part of the primary cause of the demand side of things that requires. It is quite another (perverse) thing when you are not wealthy enough for A/C yet your pet bill has doubled in the last decade (and then some). The wealthy will respond to this by buying solar panels and battery storage, meaning all that investment capital gets recouped from those who can't afford to go solar/battery. It's a death spiral. So back on point, by all means have a sales tax on inefficient vehicles in the first place, or incentives to buy back old inefficient vehicles, or per-km billing, but don't put it on the fuel itself.

* not the only reason, also some gold plating going on.

** actually, it doesn't seem that hard at all

Dick move: Navy flyboy flings firmament phallus for flabbergasted folk

Adam 1

Re: Dammit.

Well maybe it's ok by all you guys, but I, for one, find this a real dick move by the pilot.

Tesla launches electric truck it guarantees won't break for a million miles

Adam 1

Re: Sport truck! 0-60 in 5 seconds

> Ever heard of regenerative breaking?

No. I have only seen working ones, but it should still be under warranty.

Does UK high street banks' crappy crypto actually matter?

Adam 1

I'm actually with Scott on this. I thought (and still do think) he is wrong on uBlock/reporturi but HSTS is amongst the simplest steps you could implement because legacy browsers will just ignore it. Imagine you're a technical news website with a cloudflare cache frontend; your "changes" are to tick the box on the cloudflare control panel.

Banking websites are often necessary to check while travelling. If you connect to a free cafe/hotel WiFi and visit the http landing page they could easily deliver a fake version and use social engineering tricks to get you to submit over clear text. They might even be generous enough to include a padlock png with some fake browser chrome to make it look half legitimate. If the site used HSTS then they can't redirect it in the first place.

Inside Internet Archive: 10PB+ of storage in a church... oh, and a little fight to preserve truth

Adam 1

Re: distributed knowledge?

I'm happy to be downvoted but at least make a point about why my post is wrong or stupid or RTFA or something.

@phuzz, thanks for the link. It's good to see they are at least making the right noises. I think it's a bit generous to call it an "all you do" set of instructions. Most commentards here could do it but it is hardly folding@home or seti@home level accessible. There is a lot of focus on the great backup but potential distributed restore plans don't seem as developed. Bad actors are mentioned in passing but not strategies to figure out which is truth when for example a TLA pretends to be multiple actors and restores a different truth.

This would be an interesting application of blockchains or even with as a cryptocurrency. Imagine mining by proving that you have the hash of hundreds of random files from random places in the archive.

Adam 1

distributed knowledge?

A few months back we read about a whole bunch of early HP documents that were lost to a natural disaster (fire from memory). It strikes me as quite all eggs in one basket to have such important historical data in one location. How do they back up their data? I know many folk here have a few 10s of GB HDD space. It would be a really interesting project to ask people to donate a few GB storage and a small amount of download/upload bandwidth to truly securing that data. If sharded the right way, you could reasonably have confidence that all information is held in multiple regions, detect where backup nodes are MIA and replicate the at-risk data to new nodes.

DJI bug bounty NDA is 'not signable', say irate infosec researchers

Adam 1

> That would be in breach of the NDNDAA

And we would share the NDNDAA but that would fall foul of the NDNDNDAAA. Again, I can't share the NDNDNDAAA specifics, but I can confirm that it talks a lot about turtles.

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS

Adam 1

Servercredentials.txt? Really!? You are just asking to be hacked. What you should do is to call the file something more obscure like app.config, except further obscure the details by encoding them in XML.

Something like this is all you need.

<configuration>
  <connectionStrings>
    <add name="ProdDB" connectionString="Server=MyServer; Database=Prod; User Id=sa; password= re@Lly5Af3" providerName="System.Data.SqlClient" />
  </connectionStrings>
</configuration>

Windows on ARM: It's nearly here (again)

Adam 1

Re: About as fast as an Atom

> However the Intel blog posts is essentially threatening the OEMs with a lawsuit if this is enabled

The difference here is that Microsoft definitely want this to happen. They want to compete with tablets and Chromebooks but RT lacks traction and Intel can't hit that day spot on price/speed/power.

Microsoft have a big enough stick to force them to negotiate a license with OEMs to use those instructions.

Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask'

Adam 1

so what you're saying is ...

... that Guy Fawkes should stick to a passcode.

Shiver me timbers! 67cm Playmobil pirate ship sets sail for Caribbean

Adam 1

Re: Hopefully it won't sink...

Icy; what you did there.

Silverlight extinguished while Angular wins fans among developers

Adam 1

entranced??

> but they've been entranced by Android Studio, the Swift programming language, and Angular, a JavaScript framework.

I'm not sure entranced is the right verb. These things are (almost) unavoidable if you want to deliver to an Android or A☐Thing or if you need a responsive web UI just to make js nearly tolerable. It's kind of like saying that car makers are entranced with creating both LHD and RHD versions of their cars. It'd save them a fair whack of coin if they didn't, but they have to do it to sell in different markets for both regulation and customer preference reasons.

Adam 1

Q. How can you tell the difference between an introverted statistician and an extraverted one?

A. The extravert will be the one staring at the other's shoes.

Judge bins sueball lobbed at Malwarebytes by rival antivirus maker for torpedoing its tool

Adam 1

Re: Norton != Symantec

Just sayin'

Adam 1

> Some users have also reported that it is difficult to remove once installed.

Well if that is going to preclude an application from being considered a security suite, then ....

hang on, Norton just wants me to reboot, brb

Boffins: We can identify you by your typing, and we're gonna sell the tech to biz, govt – yay!

Adam 1

Re: Gliding away

I assume that the canine boss is referring to the option in google keyboard by that name. I think that Swype did it first.

Sent from my glide typing keyboard.

Evil pixels: Researcher demos data-theft over screen-share protocols

Adam 1

Re: Yes, you can leak data via the screen

Real haxors would send files down one byte at a time by toggling the caps lock, scroll lock and num lock modifiers

Adam 1

back in the day

Clipboard transfers are usually enabled even if file redirection is blocked. I remember using a tool once that base64'd the file and chunked it to the client using the clipboard, effectively doing the ctrl+c, ctrl+v for you, then reconstructing it to a file on the client.

Self-driving bus in crash just 2 hours after entering public service

Adam 1

Re: German Efficiency

> I guess that rules out "Open Source" for these things... dammit...

Ability to view the source code isn't the same thing as ability to flash a new version to a vehicle that you intend to use on a public space. You could regulate to demand that the source is available. That and:

(1) a mandated critical security bug bounty from the manufacturer; and

(2) full legal immunity for the researcher if responsibly disclosed to the regulator

Today security researchers have to use disassemblers (eg diesel gate) or otherwise MitM some radio transmission (eg Subaru keyfobs). They manage, somehow. (With some of the code I have had to look at, I glaze over with what the author was attempting to achieve, and that is with code.) But it would be better to remove that hurdle.

Parity calamity! Wallet code bug destroys $280m in Ethereum

Adam 1

That is not the same scenario because even though you point out (correctly) the lack of savings, you are also implicitly allowing for the fact that the average person continues to receive payment for their labour in that currency.

If Anthony rather asked what would happen if everyone spent what ethereum they got as they got it and accepted more of it every other week as compensation for their labour and/or goods they had to sell, I think we would all agree that it is functioning as any currency should. His picture was about what would happen if everyone tried to totally rid themselves of the currency at the same time. He then went on to imply that this is a reason it should be considered a fake currency. My simple argument is that all currencies fail at that test. A dollar bill or a euro note has almost no intrinsic value. Maybe you could use wads of it to insulate your ceiling or walls, but we don't accept payments in such currencies because of its ability to keep our houses warm.

No, we like to accumulate these because we believe that others will value it in the future and at that time we can get some desired good or service by offering some of this decorated paper or polymer. Part of the reason for that belief is, yes, regulations that seek to limit the rate that new decorated paper/polymer gets created. This means that it is less valuable for me to hoard decorative paper/polymer as its buying power decreases over time. This drives people with surplus decorative paper/polymer to invest it in enterprises that pay a dividend.

There are of course risks associated with crypto currencies. You can lose your whole portfolio to a hacker, software bug or hardware failure. It is vulnerable to regulators who may restrict it in certain markets (leading to a combination of fewer buyers and a glut of sellers cashing out). But it isn't vulnerable to the Robert Mugabe style hyperinflation either. Nor can it be manipulated by governments to suit their trade agendas. I'm not saying you should throw your lot on this or that crypto currency. It isn't a binary proposition (er, pun not intended).

Adam 1

> if everyone decided to sell their bitcoins or etherea, what would they be worth then?

If everyone decided to sell their USD or Euros, what would they be worth then?

Adam 1

Re: And that's why cryptocurrency is not and won't become a replacement for money

> Imagine this happening in a real bank with real money

You are absolutely correct. There is no way that a bank would stuff up big time and effectively vapourise some eye-watering sum of money. And if they did, they'd hardly go cap in hand to Mr and Mrs Tax-Payer for a bailout, I guess.

Pixel-style display woes on your shiny new X? Perfectly normal, says Apple

Adam 1

Re: 'image persistence' or 'burn-in'

> ...a foot operated button on the floor to dip the head lights.

> I actually thought that was a brilliant idea, and I'd love to see it "reinvented"...

Sadly we are going the other direction. My car goes all nanny state on you if your high beams are on and it thinks some street light in the distance could be another car.