Posts by Lee D

Re: Secure Chats

Or just don't send messages that you haven't encrypted yourselves too.

If YOU encrypt the message properly, you could CC: in the head of GCHQ, let WhatsApp double-encrypt it, or give it away in packets of cornflakes, and it would make no difference.

What you can't hide - and what spooky agencies should be using - is the metadata. What account you spoke to. When. For how long. How large a message. Who else did that speak to? Can you tie that to another person? That's what'll convict you if you can't provide a reasonable defence, and that's what they'll use to trace the networks (whether or not they bother or can get anything useful, that's subjective).

But the actual ENCRYPTION of a message is something that is quite easy to do. Do it offline and you know your key isn't compromised and don't have to rely on WhatsApp to secure it for you.

One of the stated purposes of encryption is that you can broadcast the message over a non-secure channel. Beyond that, it really doesn't matter. There are no such things as known-plain-text attacks, etc. any more with modern encryption, even.

If you're worried about the guy at the other end being your intended target of the message, that's what keys are for (you would have to verify them by some other means - again, an entry point for a spy agency, but pretty much they can just print their public key on posters and put them up around London if they like, that's why it's CALLED a public key - it doesn't help at all in decrypting the message and only the PRIVATE KEY that generated it could do ever that).

But the medium of transport? You could put it on Twitter with all the permissions open. You'd be giving nothing away about the content of the message by doing so that you aren't giving away by every other possible means. But they still won't know WHAT was said.

Re: When have a billion filesystems ever been upgraded without permission before?

Hey, no problem. I want to "test" Ext5. Can I just use your phone as a test device before I roll it out and not tell you?

Tinkering with filesystem code is the easiest way to cause data corruption. It's not like upgrading to a new style of GUI widget, it's literally implanting offsets and pointers into a permanent data store, that contain the locations of your files in storage. Get that wrong - even one bit wrong in an extreme circumstance, and you can trash the root or even end up with a slowly-corrupting filesystem.

Even with all the checksum checks and error correction in the world (hint: What are you going to do if the checksum comes back as "wrong"? Invalidate data. What if that checksum wasn't ACTUALLY wrong, but you forgot to include new-fancy-attribute-X in the data you were checksumming. You just lost a sector. Error "correction" does what it says - fixes things that it believes are errors.).

Using people as filesystem guinea pigs is the worst thing you can do in terms of data integrity. Even if just for testing. One wrong pointer and you can wipe out even the "backup" or other partitions - because they are literally just numbers in a box and if you have two "partitions" you've just assigned a convention of using numbers between A and B as one partition and between B and C as another, and then recorded A, B and C somehow. Get that wrong - even one bit out, or fail to check the write properly or any number of events and you trash the "new" trial partition and the "safe" backup of the user's data in one hit.

Gunsmoke.

Re: "Virgin rolled out a patch last month."

Have you never had your hub reboot on you, or do you just not monitor it?

My SamKnows broadband monitoring box often picks up the reboot and so knocks the statistics.

But my Draytek router also just fails-over to whatever else it likes when it happens (e.g. 4G / VDSL).

This is an IT site, yes? And you're just running a plain Superhub and haven't noticed this stuff?

AND WHY?!

Why would you do that? Is he going to be committing to the live database on his first day? No. Read-access, yes. Write? No.

Least privilege principle. If you don't have write access to it, you can't damage it.

And what prat just puts passwords for write-access on the production database in a document that's going to end up just-about-anywhere in six month's time?

This is my question, not "how", which you answer. WHY!?

Re: Email is a bit like KFC

Tell me about it. I work in schools. Once a year or more, you will get a whole-school email blast (to parents, staff doesn't really matter) that has the wrong info, doesn't have the attachment, isn't configured right for mail-merge or just plain shouldn't have gone out yet.

Email really needs Print Preview too. I've often considered implementing an email "hold-and-release" for everything external. Where your email client says it's sent but actually it doesn't get sent until you go into another interface, check the content (as they would see it, and clearly highlighting whether there was an attachment or not) and authorise it to actually go out for real.

You just know that people would still be in the habit of releasing every tiny email and so would just release the 500 wrong emails too. And if you put in a size/recipient limit on such a hold-and-release, you just know people would forget to release it, even with all the system reminder emails in the world.

Papercut gets it right for printing, and I think the functionality it employs should be in the core OS itself, we really need a way to get it right for email too. If nothing else, just to make people think twice about pressing Send, or realising that the email is blank before they fire it out. I'm sure it's not hard to code and I'm sure there's a plugin for Exchange or similar that would do just this.

It would also give you an opportunity to "recall" a stupid email before it went to anyone. Though you can recall from a local Exchange server, there's absolutely no guarantee that the other side will honour it, and I only ever get recall requests for emails that have JUST gone out (but unfortunately, already made it to GMail, Hotmail, Yahoo, etc. accounts).

Re: Call me back in 5 years

Program in established and platform-independent languages.

If I can still compile C99 to Win32, Win64, Linux, ARM EABI, LLVM intermediate code, HTML5/Webassembly, etc. then it doesn't matter that the end product might change. That's 18 years - or more - of portability.

If, however, you're required to program in "the latest fad that everyone is using", then it's a no-win game.

The problem comes from people who re-architect everything to take account of, say, HTML5 before the generic portable stuff is brought over, because they "must have" it. Any platform not old enough to have a compiler to it from just about any language isn't one you want to code on. You might HAVE to code on it, but you'll always have the problem of constantly being required to learn things that quickly turn obsolete.

Perl or PHP. Java or C. GDI or Metro. Mac or Windows. Whatever you use, abstract it out and make it portable so that it doesn't matter if someone completely changes the target device. The languages to do that are quite obvious. Basically anything not written last year, and not appearing as a buzzword on social-media-backend-developer job ads for startups.

Re: Much like my pension, which I'll likely never get.

A pension is a life insurance.

You're basically gambling that you'll live past 60/65/68/whatever it is now.

If you do, you might get some of your money back.

If you live a LONG time past it, you might get all of your money back, and maybe even make a profit.

But the reason you can do that is because the other half of people will never get that far, despite paying in religiously every month.

Add in administrative costs, regulatory costs, inflation, increase in necessary provision under law, shifting retirement dates, etc. and obviously profit for the pension company, and most people WILL NOT ever get out of a pension what they put into it. It's as simple as that.

The line has always been that those people in charge of a large pension fund were smart enough and regulated enough that they would be able to guarantee its availability, and also safely increase the fund enough to cover inflation such that it would become more viable than you just stuffing it all under a mattress or sticking it in a bank. That's no longer true, I feel.

Even banks barely offer saver's interest rates now, so for every minute your money is in a bank it's actually becoming less valuable.

There's a reason that we were all made to invest in pensions via a compulsory law on workplaces. Because the governments and pension schemes know that there likely would be nothing left for them (taxation, etc.) if people sit down and work this out, and invest or save the money themselves.

Pensions are a wager on whether you'll live significantly past retirement. Any mathematician could sit down and tell you what the age was. And up until that age - when you would break even - you're effectively losing money every month. That's likely to be around 80 for most people nowadays, I imagine. 15 years of pension paid for by about 40-something years of pension contributions, averaged out across everyone. If you die before 80, you've basically paid for someone else's retirement - even if your widow gets some lump sum or similar.

Now go look at average life-expectancy. it's 81 in the UK at the moment. Work out what the retirement age will be by the time you're there, and it's likely that 50% or more of people won't ever see a penny from their pensions, and most of it will go to others (what's the state pension nowadays? £490 a month?) Give it another 40-50 years and see what a pittance that becomes for you.

Of course, this is how they're designed and have always worked. But I can't say that I have any confidence in ever drawing any pension of any significance, and I'm still in my thirties and perfectly healthy..

Re: There is

Remember the doctor Lanning in I, Robot (terrible movie adaption, not the books?)

Working at home, while VIKI watched him through a sensor bar?

It's what pops into my head whenever someone mentions the Echo or Siri even.

Re: First world problems

Doing the virtual shopping gives me the time to write the lengthy post!

Then why print-by-email?

Re: GVFS sounds super dumb

Give the guy his due.

He wanted to continue using Bitkeeper. Lots of people in/around Linux used it and paid for it (even if they didn't always have to).

Then the owner of the company that make Bitkeeper decided to be a twat because someone from Samba fame started to reverse-engineer it's proprietary formats so they could integrate with it.

He pulled the rug, the software was made unavailable.

So Linus knocked up an alternative in a few days, that pretty much sent Bitkeeper scrambling and now even Microsoft use it, and Bitkeeper is nowhere to be heard of. Since the very early days, it's been almost entirely other people - including Microsoft - developing git, but you have to admire the way that was done.

"Okay, you won't play ball any more, despite it being nothing to do with us kernel developers at all? Okay, I'll write an alternative that's more focused on our process, better for us, and does things yours can't. Oh, look, there it is, done. Bye!".

There aren't many people who can re-write an independent implementation of a large commercial product overnight, that ultimately leads to nobody even touching the other software any more, and Microsoft basing product lines and their entire development process on it.

I'll save you the bother.

1) Check we're talking about the right series (Nicholas Lyndhurst).

2) Series 3 and 4 and a Christmas special won't be there.

Unlikely, given that nobody has spent the Bitcoin ransoms that were collected.

Yeah, that "anonymous" network? You can trace every payment from every wallet out to every endpoint, by just visiting one of the thousands of blockchain info websites.

Sure, if you break it down into enough pieces and "launder" it through enough genuine transactions, people will lose track. But at the moment, a lot of money is sitting in a BitCoin account that nobody has dared touch.

Because the second you touch it, every Bitcoin exchange is going to be tracking it and refusing to deal with it's products, most likely.

And if you're not being paid, or being paid a pittance (nothing compared to 20 years in the slammer, for instance), or being paid into an account you daren't touch.... why would you send out anything so incriminating as a release code?

Re: please...

I can do it much more simply.

Customers may return a product for a full refund for up to five years after the purchase date if it has a demonstrated security weakness under "not fit for purpose" regulations.

Nice and easy to determine in a court of law.

Minimal additional legislation required over existing.

Decent amount of comeback on manufacturer's who push out junk.

Decent incentive to actually make things work properly.

Already handled under existing product returns, etc. processes for all involved.

In the same way that a bank vault that doesn't shut would be sent back to the manufacturer, an IoT device that can't be secured from the Internet should be sent back too.

Re: Get real.

Then just use a stick.

The point of taking the key is that others CAN'T DO IT EVEN IF THEY WANT TO.

Re: Get GPWIN!

I coded some things up for the GP2X, which also worked on some of its successors.

They were cool little gadgets precisely because they were just Linux and you could run anything on them.

The GPWin looks really enticing, I keep seeing it pop up, but I think things like the OpenPandora have tainted me against trying them.

Problem is, nowadays, that we all carry out full-screen, high-res consoles wherever we go. Occasionally people phone us on them, but other than that...

Re: As if...

It's not "Is nobody going to notice this scam, ever?"

It's "can we make our money and run before anyone notices?"

Which, let's be honest, could easily have happened here.

Re: Here we go again

Assange is irrelevant.

Certainly to the point where he gets ignored as someone who thinks they can stand on the prison roof and shout demands that their friend in America gets released, while below the judge waits to sentence him for breaching bail.

You don't want to use lower entropy sources for - of all things - a VPN that's exhausted entropy.

If you don't have the hardware to provide the security you want, software can't fix that for you except by - literally - pretending otherwise and carrying on regardless. Guess where the security problem is with that?

And it doesn't take much to add entropy if you are running a VPN device on even a virtualised machine. If you don't know how, then you shouldn't be designing or operating virtualised VPN devices.

Refusing to allow low-entropy sources is no different to refusing to allow low-size keys. It's purely a security decision. Anything else means someone will knock out a "VPN router" that has OpenVPN's name on it in the firmware, but is actually so low on entropy as to be bog-useless. Not having the option means you can't do that without literally having to patch it in (and release your patches?). And then the problem is in your patch, not in every OpenVPN device ever made.

Was an ED pre-orderer.

You're wrong.

I literally DO NOT HAVE UPnP enabled on any device.

Everything works.

I don't need to.

They both start the conversation talking about shit like the weather, and whether I watched the football the other night, before telling me who they are, what they want and why they're speaking to me.

Literally, it's a flag on my mental "Hang Up" list to waffle incessantly to a person you clearly have never spoken to in your life about things which - anyone who knows me would know - I don't even discuss with the best of friends anyway.

The people who I do actually have dealings with generally start conversations like:

"Is that Lee? Cool, I've got some more of those laptops in stock, would you be interested?"

Or "Hey Lee, what was the date of install for that equipment you wanted?"

Or "Lee, mate, did we ever hear back about that quote?"

Because they quickly learn if they don't keep things that terse, their calls mysteriously can't make it through to even our main switchboard for some obscure technical reason. (clicks button, closes telephony server control software, whistles innocently).

Re: Agile and government do not mix

You used "agile", "deliverable", "waterfall" and "mandarin" (in the context of bureaucrat) in the space of one comment.

And you complain about others being buzzword-compliant?

But environmentalists make very bad oils for fivers when we extract their juices.

Re: Where's my cut?

You weren't overcharged. You agreed to a price and contract and paid it to those third-parties.

Any refund would have come from those companies direct because your contract would have guaranteed it and was much more clear-cut. Or you had no refund owing whatsoever.

This is those companies recouping anything they may have had to refund you (likely zero given most of the guarantees on those circuits) and the interest on them being out of pocket during that time based on their contract. Not you recouping from them based on yours.

As always, your contract is with the company who supplied you, not the underlying contractor they choose to use. Otherwise you'd be in a whole heap of trouble because no end of shouting would ever fix your problems and they'd just tell you "talk to BT, nothing to do with us, oh by the way you owe us this month's payment".

Which is when you add 20% to your price to cover that uncertainty and all it brings with it.

If you have the qualification enough to be in demand, you should be negotiating a pay that you can live off.

Re: Money talks

It's open to scamming, though.

You go away for a week, you stick a huge interfering electromagnet on the line.

The sync speed drops, they charge you nothing for the week, despite having to pay for all the infrastructure and capacity *IF* you'd suddenly decided to sync at full speed.

You come back off holiday, take the magnet off. You've saved yourself a tenner, they can't detect it, but they had to provide all the backend for it.

Same for each night, of throughout the day based on your desired usage.

Suddenly, they are required to give you 100Mbps backend 24/7 but you're paying precisely only for the a fraction of that, only in peak period, and nothing else.

You could save a lot of money, that wouldn't be visible as you turning it off, not using it, etc. for which they'd normally still be billing you, and it wouldn't be their fault.

Either cost it by megabyte with a "best efforts" line speed (the faster your line speed, the more money they make quicker, so it's in their interest to give you the fastest possible and give priority to HEAVY users!!), or cost it flat-rate per month for a given minimum line-speed.

Anything else is open to abuse, and it's already hard enough to recoup the pricing of telephone and broadband lines to rural locations, etc.