I guess I'm simply lucky that all the unimportant sites I access with reused passwords didn't happen to include Github (purely accidentally, that one is entirely unique...)
Posts by DropBear
4735 publicly visible posts • joined 4 Mar 2013
Page:
GitHub presses big red password reset button after third-party breach
Laser probers sniff more gravitational waves from mega black hole smash
Lester Haines: RIP
This is how the EU's supreme court is stripping EU citizens of copyright protections
Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried
Wednesday 15th June 2016 13:12 GMT
Re: Yeah, this is crazy but....
"considering the seemingly love-fest with clicking through warnings"
Why, what else do you expect when even reputable websites regularly throw up security errors and warning simply because they use a certificate to host something on some other domain than their main one for which the cert was originally issued? Not to mention ephemeral "minisites" with their own "domain" etc...? Do not forget - there are places where security is the most important thing, but in most cases the absolute, absolute most important thing is simply Getting That Shit Done.
Linux devs open up universal Ubuntu Snap packages to other distros
Forget Game of Thrones as Android ransomware infects TVs
Tuesday 14th June 2016 09:17 GMT
Re: Killing TVs, a step too far
"What could the manufacturer possibly do to protect you from yourself in that scenario?"
Lots. For any supervisor "granting admin rights" is not equivalent to "I now wash my hands of al responsibilities you idiot". Even in the dumbest microcontroller, the first job of a proper bootloader is to protect itself by a) refusing to overwrite itself and b) provide a mechanism that makes it ALWAYS reachable. That's how you make an unbrickable device. By extension, a proper supervisor should have a mechanism that can always be reached when you need it allowing you to administer anything running on it - a task manager if you will. That would make killing / uninstalling this piece of garbage trivial...
Bendy see-thru mobes? Materials scientists make nanofilm advance
Hatches sealed on ISS pump-up space podule
Oooooklahoma! Where the cops can stop and empty your bank cards – on just a hunch
Surveillance forestalls more 'draconian' police powers – William Hague
Thursday 9th June 2016 10:13 GMT
Re: What is it about this people?
"If they need to make their plans and have a whispered conversation in a rowing boat 12 miles offshore, how will MI5 intercept that?"
Well, times being what they are it's reasonable to presume the "rowing boat" would actually have an engine and some sort of cabin. With glass windows. And once you have glass windows - look, man, what did you think all those sharks with lasers were for?!?
Sophos U-turns on lack of .bat file blocking after El Reg intervenes
Why does an Android keyboard need to see your camera and log files – and why does it phone home to China?
Wednesday 8th June 2016 14:40 GMT
Re: That's yet another point caused by needless complexity
"You mean like F-Droid?"
Yup. And if you're missing the pretty pictures to see what the app looks like at a glance (which F-droid apparently considers to plebeian a thing to do) there''s always a chance its more handsome mirror Flossdroid can help...
Wednesday 8th June 2016 14:26 GMT
Because there is no existing app that doesn't require ALL the existing permissions; if you want to actually install anything at all, you learn quickly to sign away your first-born (and as many more offspring as requested) without even thinking twice about it. I should know - I refuse to do that but the price I continually pay for it is basically having nothing to install. "It's the integration, stupid" - every app has bloated into getting integration with all aspects of your phone, so it asks for everything...
Firefox 48 beta brings 'largest change ever' thanks to 'Electrolysis'
Wednesday 8th June 2016 13:17 GMT
Re: Electrolysis
How nice of them to realize that is how FF should have worked from day minus one. Writing programs that freeze up the UI (for any reason whatsoever) refusing to act on your clicks only to unexpectedly lurch back to life and apply your past clicks to whatever they now substituted under them (like FF operates) should be punishable by a compulsory feathering and tarring, at the very minimum.
Mars One puts 100 Red Planet corpses colonists through fresh tests
Tuesday 7th June 2016 20:31 GMT
Re: "Ah, but we're on Mars now"
"The show contract says we are"
Reminds me of the old anecdote - student gets a summer job at the zoo impersonating a gorilla using a monkey suit. Guy gets a bit overly spirited, climbs up a tree, falls off it into the neighbouring pen next to a lion, panics and proceeds to scream like a little girl. The lion walks up to him and whispers "Shhh, are you trying to get us BOTH fired?!?"
Mark Zuckerberg's Twitter and Pinterest password was 'dadada'
Bloke flogs $40 B&W printer on Craigslist, gets $12,000 legal bill
Wi-Fi hack disables Mitsubishi Outlander's theft alarm – white hats
Norway might insist on zero-emission vehicles by 2025
Tuesday 7th June 2016 09:57 GMT
Re: Give & take
"is it really that strange that temporary incentives are just that? Temporary?"
From the point of view of the one granting them certainly not, they were probably never meant to be anything but temporary. From the point of view of those enjoying them, it kinda depends on whether their intended temporary nature has ever been explicitly advertised, comparably loudly to the main feature itself.
Even so, it's not unreasonable to assume a lot of (less attentive) people might have been reasoning along the lines of "getting exempted from a fairly modest expense for a short time in exchange for spending a lot of money all at once doesn't really make sense - it only starts to balance somewhat if I can count on enjoying those incentives for a long, long time". Which in no way justifies their expectations but I think it helps explaining it.
Universe's shock rapidly expanding waistline may squash Einstein flat
Saturday 4th June 2016 22:03 GMT
Re: Too early to tell. @dropbear
Sorry to return to this thread, but in my book "we are missing $236571 in our balance, therefore there's definitely an unknown quantity of -$236571 operating in the universe" is simply called "bullshit". If you can tell me "well the orbit of Mercury has always been a teeeeeeeeeeeeeeeeny bit off, and that -$236571 you mentioned would explain the discrepancy perfectly" then I'll be inclined to accept you found something meaningful, but just plugging a hole with an invented plug of "just the right size" for no other good reason just doesn't cut it with me, sorry. "1+1= -5 PLUS FUCKING MAGIC FOR NO FUCKING GOOD REASON" is charlatanism, not science. Feel free to convince me otherwise, but be advised you'll need to bring along unrelated and well-founded arguments.
Friday 3rd June 2016 10:37 GMT
Re: Not wrong, just not completely right
"Unfortunately, most of my inspiration comes from a tequila bottle"
Most of my inspiration seem to come from a (fairly polluted) atmosphere, and worse, it seems I have to keep expiring most of it right back out shortly thereafter. No wonder I have no earth-shattering insights under conditions like these...
Friday 3rd June 2016 10:25 GMT
Re: Too early to tell.
"we call this process "science"."
Except saying "a wizard did it!" is not exactly science - and for all intents and purposes dark matter and energy are pretty much the equivalent of that. Something that we basically seem to know nothing at all about, introduced arbitrarily solely to handwave a problem away. And _IF_ that is not so, then I have to say scientists did a piss-poor job of communicating to the rest of us why those concepts might make perfectly good sense for a large number of different reasons that seem to support each other, if such a thing exists. Because otherwise it sure as hell looks like all that dark stuff is just "something we made up to make 1+1 = -5 work even though it doesn't"...
Windows 10 market share jumps two per cent
Friday 3rd June 2016 13:09 GMT
Re: Low marketshare
"Places like eBay will probably flood with pirates offering Win7 OEM DVDs with a product key that may (or most likely) may not work when you install it."
FYI, any pirate Win7 DVD worth its salt installs without ever needing to verify or validate anything online. There's nothing "most likely" about it.
Friday 3rd June 2016 12:39 GMT
Re: "This doesn't mean the nagware is working:"
Believe it or not I can walk into most any PC-selling outfit around here (well, not that there are that many left but still) and in pretty much any of them I can get a Pc with... FreeDOS. I don't think I need to explain no sane person from either side of the counter expects that to remain the OS of that PC - it's just there so that there's some difference between that PC and a brick when the power button is pushed...
Computerised stock management? Nah, let’s use walkie-talkies
Friday 3rd June 2016 12:25 GMT
Re: 9 1/2 shoes
In my experience, the only thing changing with shoe size is the length of those accursed things. Width? No! Height? Hell no! And that's a rather large issue, literally, as my feet are, uh, overall thicker than usual - but the only thing different sizes change is how far the shoes continue past my toes, not whether I can actually put them on (I can't. Any of them. And then I find a model that I miraculously can. And then they stop making it the next week. AAAAARGH!)...
Swiss effectively disappear Alps: World's largest tunnel opens
Top EU data cop slams Safe Harbor replacement as inadequate
Wednesday 1st June 2016 13:16 GMT
Re: Gosh! Hooda thunked?
"The ONLY real solution (and it would be a simple solution, easy to regulate and police*) is (still!) to require effective client-side encryption"
Care to elaborate on how the hell that is supposed to work...?
"Dear Ms./Mr. @#$$#78^% #$^%&*VG, this is to let you know we encountered some problems processing your order of &FB2 pieces of $%e456V%T)$$! (assuming we carry that at all - it's a bit hard to tell), from date &@B33<2C3%xs (at least we _think_ it's reasonably recent, we found it towards the end of our transaction log); namely, the courier service we use can't seem to find the registered delivery address of @$v%$RECcdfFCSDDF5566@# 2 % eT%TVSC rRCE^RFW#@ anywhere, or indeed the country &%^vrC3rr^21 itself (although we have a hunch it might be within the EU somewhere). Please instruct us on how we should proceed - best wishes, Omni Impex Corp., USA"
These big-name laptops are infested with security bugs – study
Wednesday 1st June 2016 12:34 GMT
Re: Uninteresting, but simple test...
"Surely the simplest is to use a mobile broadband dongle and disable the Windows firewall? Then the system becomes a node on the Internet with all ports potentially open - assuming no carrier NAT..."
That's a mighty bold assumption. With the industrial amount of these things in existence at each carrier and the existing IPv4 shortage, do you seriously think they just give you a routable IP for each one of those...? Out of curiosity, I just switched my WiFi off - and my IP immediately jumped to a "local" 10.x.x.x one...
US computer-science classes churn out cut-n-paste slackers – and yes, that's a bad thing
Wednesday 1st June 2016 11:32 GMT
Re: Visited Maker Faire
That describes pretty well 99% of the whole "maker movement" - just don't ask where exactly the robots are in "robot wars"... Almost all "making" is about clipping together a few blocks in the trivial order they were meant to, and that's it. Not that I have anything against building blocks, they're quite useful - but one should go way past the "blink a few RGB LEDs" or "drive a couple of servos back and forth" stage before one is allowed to show it to anyone other than one's parents...
Wednesday 1st June 2016 11:15 GMT
Re: IBM vs. Microsoft way of thinking...
"There are two ways of constructing a software design"
No, not anymore. Just one: infuriatingly complex. Complexity is unavoidable and outright required today - it's just an unavoidable consequence of progress in the field and in corresponding expectations. While at some point "text" meant "ASCII printable" these days not handling any intricacy of UTF-8 (or is UTF-16? Which order, and with or without BOM? Right-to-left or left-to-right?) is unthinkable. While at some point "retrieving data" meant reading bytes from a file, these day probably means yanking a video stream out of a remote database. Not much can be done about that, the cat is not going to go back into the bag. The problem is that our tools to abstract, encapsulate, and reuse that complexity in a _confidently predictable_, _verifiably and inherently safe_ way are either piss poor or they don't exist at all.
It's the equivalent of being given a set of lego bricks where no two bricks have the same shape (and definitely no two bricks use the same connector) then being expected to build something really large out of it just as one would with a proper set of bricks. No wonder it just doesn't happen, and it just can't happen - not until we come up with some entirely different paradigm to program that makes that complexity reducible to a level we can handle (or tools that can reliably manipulate and verify it for us to an arbitrary degree). At any rate, as long as we keep trying to manhandle ever bigger juggernauts cobbled together from bits of C/C++ and the like, nothing whatsoever will change - segfaults, crashes, security flaws, all of it is here to stay until we come up with something adequate for our current level of ambitions...
Wednesday 1st June 2016 10:37 GMT
Re: Been that way fror a long time in the US of A
"Doesn't really matter what language you're taught. The important bit is to understand structures and logic."
Well, no. Programming doesn't happen in a vacuum just as a train doesn't go anywhere without a rail. And once you have those rails tightly nailed to the railroad ties, it's going to take considerable time and effort to rip them up and move them somewhere else, so you might want to give some consideration to where you want them laid in the first place. And no amount of wishful thinking will make an all-terrain Humvee out of a train.
Not two, not four, but 10 cores in Intel's new PC powerhouse
Wednesday 1st June 2016 10:13 GMT
"The latest 1.1 rev of KSP on Unity 5 keeps all 8 hyperthreaded cores of my i7 pretty much topped out"
Well yeah but that's not really relevant is it - the question is does the game also actually run eight times faster? Or is it just mining bitcoin or composing Haiku with the rest of the cores...?
Jaxa's litany of errors spun Hitomi to pieces
Wednesday 1st June 2016 10:05 GMT
Re: This is why Japan prefers to fire refurbished WWII dreadnoughts into orbit
"we can just hope that this will be a Challenger moment for Jaxa"
...and they will most likely conclude that the strict but most fair expectations of senior management were most disgracefully not met by the incompetent developers who might not be ordered to commit seppuku at this time but should definitely take the entirety of the blame for failing their duties to do the impossible...
Leak: Euro Patent Office 'court of appeals' rails against King Battistelli
Wednesday 1st June 2016 09:50 GMT
"So who has the power to fire this guy?"
And more importantly, who has the power to fire the guy who has the power to fire this guy, because he clearly hasn't been doing his job by not firing this guy, so he's undeniably either dirty or incompetent, and needs to go along with Mr. Kingie. I'd rather not wait until the guy who has the power to fire the guy who has the power to fire this guy needs firing too for the same offence...
ARM Cortex-A73: How a top-end mobe CPU was designed from scratch
Wednesday 1st June 2016 09:42 GMT
Re: El Reg employs puppet as journalist?
"I deserve that."
Absolutely no need to apologize - you should be proud to have a brain with integrated out-of-order execution...!
Brits don't want their homes to be 'tech-tastic'
NASA: We'll try again in the morning after friction ruins engorgement
Tuesday 31st May 2016 14:09 GMT
Re: Bah!
Naaaah, if they'd be working from a Haynes, the ISS would be a completely dismantled collection of floating bits and parts before they'd get to step #164568: "loosening the Bigelow Module retaining bolt" (in the time honoured tradition of "Headlight removal, step one: loosen bolts A, B and C holding your tailpipe...")
Boring SpaceX lobs another sat into orbit without anything blowing up ... zzzzz
Tuesday 31st May 2016 13:45 GMT
Re: "...angular velocity..."
"... and the only altitude where a satellite can remain stable in a circular orbit and at speed matching Earth's rotation, is just this one, roughly 22.2k miles. "
Nonsense! There are at least TWO altitudes for a stable circular speed matching Earth's rotation - the one you mentioned, and altitude zero: I'm matching Earth's rotation quite stably, circularly and effortlessly right here where I am sitting, thank you very much...
Biting the hand that feeds IT
