* Posts by DCFusor

868 publicly visible posts • joined 12 Oct 2013

Texas lawyer suing Apple over FaceTime bug claims it was used to snoop on a meeting

DCFusor

Re: I am a LAWer

Guess he thought he was on slashdot and looking for a +1 funny.

And it's go, go, go for class-action lawsuits against Equifax after 148m personal records spilled in that mega-hack

DCFusor

Re: Never gave them my permission

Bad analogy if you profit hugely from a ship building business, which forces people into being customers with no opt out option at all, and point the ship at the iceberg.

Then drilling the hole, is, as you say, not that big a deal. But see above.

Boffins debunk study claiming certain languages (cough, C, PHP, JS...) lead to more buggy code than others

DCFusor

Re: Rust

I'd think it would be worse. Because there are a lot more kinds of bugs than the ones Rust (or any language) can protect against. And a false sense of security is, well, false.

I could list more classes of bugs than will easily fit here that Rust has no clue about; and I'm not really against Rust - I'm against depending on some magic "one weird trick" language to solve it all.

Locks need to evolve because lock pickers and bypassers keep inventing new ways to get past the existing ones. If nothing else.

DCFusor

Re: And they get paid money to do this?

Yep, I almost needed a new keyboard for that reg article the other day that suggested we devs do some "bridge building" with academics for bug hunting and so on. It's not us who don't listen....

They like to pretend that they're special and know it all because formal education that was out of date before they began, and we unwashed can't possibly have anything to add.

In the US, FWIW, you can't even get grant money to study anything or publish your findings in a "real" journal - even if you're a recognized expert in the industry - if you don't have a PhD. There's a market to hire "in name only, no need to show up" PhD's to be PI's for government contracts that are instead actually done by people who can do stuff and make it work, not just pontificate about it.

It's funny they'll study anything they can get grant money for, but then look down on us who work at...anything we can get money for - or maybe are actually a bit more selective than they....

DCFusor

Re: It's "What's the best language" all over again

I always thought of it this way - a good craftsman (person?) makes a better tool so there's nothing to complain about anymore.

For example, wasn't the notorious strcpy() replaced by the added strncpy() some time back? Which at least potentially eliminates an entire class of bug(gery). And, in that case at least, best of all - you can do a text search and find all the places the unsafe one was used.

Just one example....

You don't have to wait for them to make it part of the language either. Long before there was C++ for most of the Ti DSP chips, we simply defined a struct (member variables) in the header file for the C code that knew how to handle that struct...and passed pointers to it around. Duh. Self-discipline can replace the enforced kind - and works better anyway, because you're paying attention.

Now, of course, there are "fractals of bad design" in some of the more modern "higher level" languages...still. Personally, when I use one of those because I must or because it will save me time, I don't just do unit testing - I make sure just about every single line of code does what I expected it to in a very frequent edit/(maybe compile)/test loop.

Funny, very few bugs have come back to haunt me and some of my code has been running decades in pbx kinds of things. Now, that's not to say I never either over or under generalized something or just did a poor design, but it hasn't led to downtime.

Just my .02 worth, but then, you get what you pay for, and this is free!

Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data

DCFusor

But but - Apple protects our privacy!

Obviously, they've slammed shut one of the barn doors after the horses have all bolted.

Not counting NSL and gag orders...

Not to worry, only the worst outfits penetrate Apple's protections, the benign ones can't get in. You think.

Apple: Good news, everyone – sales are less bad than we thought. Not amazing but not bad. $84bn is $84bn, tho

DCFusor

yeah, but

He didn't open the box. Else he'd not have been so utterly out of touch with reality. Others who have opened the box will know...

But stay inside your cave and build all your knowledge of the world by looking at the shadows cast on the cave walls by things you can't see or imagine.

No, I didn't think of that, some old fart named Plato did:

https://faculty.washington.edu/smcohen/320/cave.htm

Want a bit of privacy? Got a USB stick? Welcome to TAILS 3.12

DCFusor

An ARM version might be more useful...

Title says it all, or nearly. How many dirt-cheap SBC's are there out there...I run a few headless here, for example (VNC is a friend).

Apple files yet another appeal against $503m FaceTime patent payout

DCFusor

Re: 474 pages

My now-ex made up more than that for divorce court. Fortunately, it was in her handwriting which no one can read, so was thrown out (along with her for tossing a tantrum in contempt of court).

Don't forget that we are paying the judge to read all that crap. As well as, eventually, subsidizing all the lawyers to write and read it. They bill, the company involved charges a little more for product to maintain margin...we humans are *always* the losers in these.

DCFusor

Re: New iPhone coming soon ... a bargin at $1500

They usually either steal or avoid, even if it makes things inferior. Remember the infamous "you're holding it wrong"? That's because rather than use a cheap-royalty existing antenna design that didn't have that problem and paying a few cents per device, they thought they'd roll their own and failed to get it right. There were several choices on the market for pennies per device that were known to work fine.

Of course, right after that, they put out requests to hire a competent RF/antenna engineer.

Speaking of hubris - they didn't already have one but thought they could keep those immoral margin levels no one else has, despite the lawyers and so on.

It's not just the lawyers, it's a corporate culture disease. NIH taken to the limit.

I helped catch Silk Road boss Ross Ulbricht: Undercover agent tells all

DCFusor

Re: More Questions

Assuming Amazon only knows your email is not a very good assumption at all.

They know rather a lot more about you (and your LAN), and not just the "google slurp" type stuff, which they also know.

I had a "big data" expert as a roommate here for awhile and she showed me an amazing amount of what they can find out from a single login with just a little extra innocuous looking scripting and advertising on their page (she wasn't working for Amazon, it was some other corp, which I assume had hired her because they were playing catch up with Amazon...). And it doesn't have to be the kind of adverts we all block, either. Let's just say they can't quite quantify the thickness of the racing stripe in your undies to better than a few nanometers, but pretty much get the rest.

I've been at this game many decades, and I had no idea how much is so easily leaked and extracted from just a login. From a fully patched and up to date computer - even one running that oddball opsys called linux. Windows and Macs? Pah...too easy.

FTC gets back to work: Now, where were we? Break up Facebook and fine it $2bn, you say?

DCFusor

Re: Three companies that need to be broken up...

So, after breaking up AT&T, they reform as....Verizon.

Was that an improvement? I was rather fond of the work Bell Labs did, though no fan of AT&T using long distance to subsidize local service. Oh, wait - that saved me tons of money as I didn't use long distance.

People are naive about the power of money and size vs the government, which itself is generally for sale, as history has shown over and over.

DCFusor

Re: Suckerbuerg for Idiot

You are correct, of course. Just like the sign on Ron Paul's desk used to say: Don't steal, the government hates competition.

Anything that big is too juicy to not get more skim out of - but too clever and well resourced to get more taxes out of - there's always somewhere else to declare profits or some way to hide them (which is why tax the rich plans sound good but always fail). As well as pervert to other political ends.

Disk drives suck less than they did a couple of years ago. Which is nice

DCFusor

Re: came for this comment

Those were the only drives since the advent of winchester hard drives that ever had so many fail so quickly that I actually lost data!

I must be a lucky so and so. I've owned no lemons from GM, or from Seagate. Timing must be everything. I've had one seagate 2.5" drive start to vibrate very slightly after 3 years 24/7, and I pulled it offline to use as a cold backup. It's still working, as all the 20 or so IDE drives I recently pulled from machines I should have decommissioned quite a long while ago (pentium 2 class) - they were just sitting in storage till a friend wanted them to recover any gold he could. Checking the drives, they worked, the systems still booted for crying out loud. I pulled some interesting nostalgia off them, and now they're gone, never having failed. All these ran for a couple years in a software development business...

I can hear the light! Boffins beam audio into ears with freakin' lasers

DCFusor
Black Helicopters

You can, but

The glass has terrible frequency response - the mass makes it a good low pass filter.

The room reverb is horrible - even with a good microphone at many feet from the talker in those big rooms adversaries' leaders and diplomats favor with lots of reflective surfaces that don't absorb echoes.

Other vibrations - passing cars, HVAC, elevators and what not....shake the glass really well.

Back in the day I helped write some code to deconvolve that kinda stuff....success was pretty iffy.

Pentagon cloud contract sueball: Oh no, Oracle doesn't need those docs, AWS tells court

DCFusor

Reached number 3

Seen on Groklaw, lo, these many years ago:

1. If you've got the facts, pound on the facts.

2. If you've got the law, pound on the law.

3. If you have neither, pound on the table.

Someone needs to mention to Larry that leisure suits and competition by lawsuit are both passe.

GoodLuckWithThat.

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

DCFusor
Alert

Don't get the update

Here, on my linux boxes, new updates for Chrome are listed all the time - and I've been putting them in along with the rest.

Maybe it's time to stop doing that.

Maybe it's time to go ahead and do a full download and archive that (instead of downloading and running just the installer).

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

Not sure if everything that uses WebKit will be affected (I also use Vivaldi) but if so....same for that.

Adblock+ used to be good and it's hanging around here, but became pretty useless compared to ublock Origin. If they break that...I will not use that browser anymore, period.

I advise making room on some disk or backup for full downloads of these things, not the easier to get installer that then does a download. You WILL want the opportunity to revert. And of course, they will somehow manage to find some 0 days/backdoors in the versions that still ad block - imagine that. You could even wonder if they already know about some and are leaving them in for just that reason.

Microsoft's Master Chief calls time on Cortana as a standalone AI platform

DCFusor

Re: Turning her evil in Halo 5 wasn't enough...

Indeed - happy brrt day: https://www.youtube.com/watch?v=NvIJvPj_pjE

That's the plane that is too expensive to keep in the force! The much cheaper F-35 will replace it at lower cost (in some other galaxy with different laws of physics, that is - oh yeah, the pentagon).

DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc

DCFusor
FAIL

Re: Premisis

Obviously you haven't watched this guy's videos. The keys are for sale on ebay and other places if you know the #, which I won't post here - but they are listed in his videos, along with screenshots of them for sale from various vendors on ebay as well as THE ORIGINAL MANUFACTURERS. Prices are under $20, not 300+.

Another link for short attention span types: https://www.youtube.com/watch?v=rnmcRTnTNC8&t=154s

"Not allowed" means nothing at all.

How much stuff is illegal yet widespread? How many criminals are law-abiding? I'm sure you know cocaine, driving drunk, murder, burglary (relevant here) and tons of other stuff is "not allowed", right?

Crossing the border of the US without proper procedure is "not allowed", but an estimated 12 million or so have made it fine.

Watching this guy and other pen testers just walk in, needing at most only a small keyring with around 10 keys that cover > 90% of all lockboxes, is illuminating. And he and others list the specs of said keys, in standard locksmith lingo, as well as mention which ones you can just duplicate at your hardware store.

I'm sure police cruisers, which are pretty much all keyed the same, which become taxis, still keyed the same, are the exception, except they aren't and many departments don't even know this as he points out. You can't spec something be made more safe if you assume it already is.

I believe you are either uninformed or hoping that others remain so.

The status of physical security now is kind of like that of LAMP before someone realized how easy SQL injection was (or any number of now-obvious flaws).

DCFusor

Re: Premisis

Deviant O, is that you? https://youtu.be/Rctzi66kCX4

Skip out to 6:06 or so. No need to pick locks when most installations are so bad you can just walk in without even breaking step - mis-installed striker plate....stuff like that.

I've seen this guy open a locked door to a bank with a mouthful of whiskey spit through the crack to defeat the emergency let me out IR detector.

Many jurisdictions require all keys for a building to be put in a lockbox outside, which are all keyed the same so people like firemen can get in easily. And you can just buy that key that gives you all the others.

Lock Picking Lawyer (recommended YT) is good - but this guy is better. Picking even a simple lock is a last resort.

Guards and dogs...defense in depth (See Bruce Schneier on that topic too).

If at first, second, third... fourth time you don't succeed, you're Apple: Another appeal lost in $440m net patent war

DCFusor

Re: Get rid of Software Patents completely.

Nope, it means we'd mess up our version of English even further to avoid infringement...workarounds are commonly used for all cases like that.

Iran satellite fails: ICBM test drive or microsat test? Opinion is divided...

DCFusor
Holmes

Why the false distinction?

It need not be either-or at all. Learning about rockets and how to get things launched is at least "dual" use capability.

If I wanted to eventually do ICBM's, wouldn't I want a spy satellite first to know where best to aim them?

Not that I think trying to keep science or tech a secret is really a reasonable thing to do, practically or morally, but the discussion seems to miss some important points - everyone could be telling their idea of truth here.

Iran - nope, this is an attempt at a satellite launch - true.

Everyone else - we're afraid that if you learn how to do things like that, you might fight back against us - also true.

Wouldn't a better solution be to make some kind of friends, we're all gonna know how to do anything anyway at some point, but if we don't want to kill each other it won't matter if we know how.

Remember how the crypto wars went, or DRM in pretty much everything from DVDs to video to games? This is a pointless and expensive exercise in the end.

Science hangs together - there's no way to know how things work without knowing how things work. It's a tool, not an end use, that's determined by things like politics.

Nissan EV app password reset prompts user panic

DCFusor

I have a Volt, myself. The GM app stank also, I quit using it for anything myself long ago. The car itself is fantastic - at least the USB jack lets me play regular music files and I no longer have to have iTunes format (like the 2010 Camaro demanded). But of course, no plain old aux jack and bluetooth bugs that run the battery down(!) - and also give bluetooth quality sound, along with Sirius which of course anyone sane gets off of as quick as they can, finding out that like with Verizon, once they have your CC number it's really, really, near impossible to stop their billing robot. OnStar, one year's worth cost triple what a standalone GPS does at least lets you cancel gracefully - kind of, they can still track you by radio.

To me, the real issue is that car manufacturers all want to be Apple, lock you into their walled garden, but not even lift the fingers to innovate and update that even now-boring Apple does. I mean, upgrading an overpriced phone with nothing really new in it every couple years is bad enough....Cars still have 4 wheels and some of us just want to get there. A little sporty or luxury is nice, but...trying to be what they cannot be is just stupid.

Cars, north of $30,000, almost never get updates, never upgrades, can't have their now-vast networks of internal computer hardware updated or even replaced - try to do something with the audio system for example - now it's also all the bing-bong alerts, your hands-free cellphone and a bunch of other stuff and no car stereo shop will have anything to do with it - and neither can you. Even if you're a real EE, as I play on TV - I have other things to make a life's work of.

And then they wonder why sales are down (other than all our governments' obvious lies about the economy catching up with them too). The more people burned, and I know a few myself, the less people are going to pay real serious money - > 50+ iphones, really? - to get caught up in this web of crap and get a minor upgrade if even that? I can buy a paint job and a can of new car smell cheap, guys.

Brit hacker hired by Liberian telco to nobble rival now behind bars

DCFusor

Re: Bandwidth!

They were patting *themselves* on the back, AC. There's no glory in busting a trivial simpleton....

Talk about beating heads against brick walls... Hard disk drive unit shipments slowly spinning down

DCFusor

Re: So mirror them

I use both types here, a lot. I've become more comfortable with SSDs now, but I do tend to overprovision them, and back them up. I also do that with spinners. So far, I've had really good luck both ways. I've had some fail, but that was apparently a quality control issue with an SSD from Crucial, supposedly due to shipping some stock from a company they'd bought that had problems or similar.

The drive had gone into total CMOS latchup - a flaw probably in the controller (acted like a short on 5v) but it was temperature dependent and I was able to recover *from that drive* which was a bit better than using the backups I also had.

The one spinner I recently had issues with was a seagate 2 tb 2.5" drive that started to have some vibration after about 2 years in 24/7 use for a home weather database - lots of writes. It's never failed, but I switched it out and now use it for archival backups. I think the bearings were starting to go bad after spinning that long. It was never spun down in use.

The only drives we had fail here - and we lost data, also the only time ever, were IBM deskstar drives, which had been backing up one another on workstations in an off grid system that had no central server - all was peer to peer. When they all failed within 3 days of one another, we lost some data, and they were right jerks about even giving us new drives, just before they sold that line to Fujitsu. They insisted we run their diagnostics, which passed (it had been warm but had cooled down by the time that happened) - but our data was gone anyway.

We used them as targets on the shooting range, most satisfying, along with a few old floppy drives.

I've had issues with USB flash more or less burning out if used constantly for writes on say, a raspberry pi. Never with a real SSD. When I set things like that up, I make a tmpfs to do those usually not worth it logging writes (once things are set up, do you really need to know every time something else on your lan reads a database or connects via samba, or hits a local webserver?).

Long story short - our single actual data loss, and it was without warning, was spinners. In the decades from 1980 on up. Probably shouldn't use the same brand, model and age for backups as the main show.

It WASN'T the update, says Microsoft: Windows 7 suffers identity crisis as users hit by activation errors

DCFusor

VA and TX in the US

Have laws making EULAs legally binding, and they've been tested. VA because all the government stuff there (assumption is that they can and will pay), and TX because...tech, NASA and so on. This was certainly a fact a decade ago, whether it's changed, I haven't heard.

At any rate, back then the laws were definitely tested....

A customer of mine with ~450 windows machines was shut down for 3 days, losing quite a bit of money, over a legally-enforced BSA inspection....

They now have a heck of a lot of Linux and Mac....(I got paid to help with that).

A privately owned electronics manufacturer, whose owner was able to hold and deliver on a grudge. He hadn't violated anything but were they going to reimburse him for the lost $$ due to acres of shut down production robotics? Not a chance.

Steamer closets, flying cars, robot boxers, smart-mock-cock ban hypocrisy – yes, it's the worst of CES this year

DCFusor

Well, scale matters

You can make electricity "work like that" but it'd have to be a really tiny house. When my wife was wanting to lose weight but still watch TV all day, I fixed her up an exercise bike with a generator and used that to drive a small portable TV that would run on 12 volts. Vacuum tube type, minimal power for that sort, though, around a 6" screen.

When she found out how hard it was to pedal - and that the tiny battery I'd added would only keep the TV up for about 1 minute breaks...she lost her taste for western re-runs real quick. Total win...

1 Hp (about 3 times what a human in decent shape _can_ sustain, but probably won't like) = 745 watts with 100% conversion efficiency (yeah, right).

An efficient house with nothing spurious electric (like HVAC, cooking, water heat etc) might draw 300 or so watts...

Now let the Reg Standards guys have some fun with this! In pounds-feet/second how many busses would you need to drop from how far to keep your house running for a day?

Oracle's in-house lawyer denied access to Uncle Sam's procurement docs in JEDI legal battle

DCFusor

Re: $10bn cloud contract

Well, one reason you don't see that in the news is that it doesn't happen? When was the last report of an underrun, in like, ever? That max is only theoretical, and everyone in the biz knows that.

a_yank_lurker has it right - I've been there too.

But for reference, from Google Finance, Amazon's gross from the last quarter alone was $56.58 billion.

That's one quarter...and for all of Amazon. I believe this contract is longer running and won't actually be super significant, though it is in the area that Amazon actually has a margin...

This compete-by-lawsuit wasn't begun by Oracle, but it's out of style enough that they might be signalling the end of it. Always late to the party and all that.

The D in SystemD stands for Dammmit... Security holes found in much-adored Linux toolkit

DCFusor

@Lee - Precisely from me too.

Now that there even IS a man page for systemd...wow. Back when it was breaking things like boot time mounts of NFS filesystems in /etc/fstab, I looked for some workaround on the 'net and found that you could make a .mount thing - that worked for about 2 distro updates (not upgrades) before the workaround was broken by a fix to an issue that originally had an E_WONTFIX tag...and now NFS mount in fstab works again.

I just checked the man page that now exists. To be sure, the usual bafflegab and when you have to link to a website, you've already failed. I note that nowhere in the "see also" is the name of the manpage you really need if you're customizing a desktop or other on-prem specialized machine -

sysd_service_file

Now, being that just about zero other man pages even have underscores in the name...how again was I supposed to guess that one?

How about if some daemon takes too long to start and systemd starts it over and over again without killing the previous attempt till the system goes down, as it did with Conky?

How about becoming unable to reboot if something mentioned in fstab can't be unmounted because it was never mounted due to another bug, or because someone manually unmounted it. I bet people who have to drive to a site to fix that got real happy.

Could some of the hostility be due to breaking things, and then breaking the workarounds, all while not ever admitting there was a problem in the first place?

Sorry about the double post above - the site said something messed up so I typed things in a second time.

DCFusor

Cloud fad

"Unix doesn't reboot all the time."

In a properly run on-prem setup, that's right - it almost never needs to reboot.

However, with this new fad of cloud, and all the things that might entail, from tons of identical (or nearly) instances, containers, and the like, whatever the buzzword of the week is that sells the human service/conference for "well, now make it work for us", linux is forced to boot all the time.

Follow the money, it's often instructive. Red Hat was making a lot of its money off this cloud thing - the swing back to mainframes (again).

People make money selling ads for "buzzword of the week conference", present forum not excluded.

No way RedHat would have paid that clown and team all that money if they didn't perceive that pot of gold at the end.

But justice was served in a sense. No one sells themselves to IBM if things are all dandy, eh? Oh yeah, maybe people with a lot of stock they can't so easily sell without depressing the price....what was that we follow, again? $$$

DCFusor

Cloud fad

To the comment above - unix doesn't reboot all the time....

It does in this fad world of a bunch of instances that are near-identical in the cloud, which business RedHat was making money on.

Of course, since it requires courses and consultants, the Reg is all for it - revenue, so they support this cloud fad thing themselves.

And all the related container/serverless/buzzword of the day junk that goes along, every now and then we need a new buzzword to sell the same old "well, make it work for us, then" human services.

The swing back to mainframes, in essence. I've been around long enough to see the back and forth a few times now. Short attention span people don't see it.

Always follow the money, it's instructive. No way RedHat would have paid this loser and team to do this much major work if there wasn't that pot of gold perceived at the end of the rainbow.

Not that it's worked out for them - who would sell themselves to Big Blue if things were dandy? Oh yeah, people with a ton of not very liquid stock. Again, not that hard to follow...

Encryption? This time it'll be usable, Thunderbird promises

DCFusor

Re: The trouble with PGP is that

Obviously some google haters here....or something. 3 downs really?

I suppose someone's going to tell me they can write encryption code for *any app in a connected computer whatever* that isn't trivially backdoored by some APT or even a kiddie who gets hold of the tools to do some 0 day persistent UEFI or rootkit hack undetectable by you. As if history hasn't proven you wrong time and time again...I get it, it'll be different this time.

If so, I'm real glad you're not doing my security. If it shows up - ever - in plaintext on a connected machine - then it's NOT safe...if your offline machine hasn't been backdoored in some way as to compromise the USB stick or whatever else you use to move it to the email machine and back.

If you only want crap security, I hear there's a one liner using ROT13. You could even use it to double-encrypt for extra safety.

Someone's never read enough Schneier? Or any basic security whatever?

Or is it someone loves tbird as it is? Wow....

I'll leave my coat with the bugging device in it....

DCFusor

Re: The trouble with PGP is that

Well, some friends and I use FlowCrypt for Gmail and while we have no idea if it's any good, crypto-wise, it sure is easy to set up and use....Maybe it makes a little more work for snoops, I have no way to know.

I use gmail (oh well, slurp) and tbird and frankly, tbird is such a piece of junk with such a horrible UI I only point it at the email addresses I don't really use anymore, to go clean up the inbox by deleting the spam - which it detects about 1/10th as well as gmail, and which requires WAY TOO MANY clicks to delete.

I sincerely hope they fix this piece of crap, don't get me wrong, but it's going to be a good bit of work by someone who understands work flows...

And who understands how to make it easy for beginners, while letting power users have the good-trick features all at once. Missing that one, is of course, hardly limited to Tbird....How these fancy UX guys can miss the obvious (but difficult) while fussing about corners and such....participation trophy winners I guess.

I have met good human factors people - they had PhD's and years of experience in human studies like psychology....eg, not some self-styled "artist designer".

Dark matter's such a pushover: Baby stars can shove weird stuff around dwarf galaxies

DCFusor

Alternate theory

Dark matter is formed over time during the life of a galaxy or its star forming. Works just as well as a theory for the production of something that isn't even named correctly.

It's dark gravity, people. Some idiot called it dark matter because they thought that'd make it easier to push the idea, since we know matter has mass and gravity. But then, since Einstein, we also know that energy does, and they are convertible anyway.

All we actually know - the only believable observations are:

1. angular velocity vs diameter of a spinning galaxy doesn't quite add up right.

2. something gravitationally lenses light from very far away - space is more warped than we thought.

That's it. "matter" might be what it is, under some very loose definition of "matter" that doesn't interact with anything but gravity - or so weakly that every single expensive test so far can't find whatever it is....maybe looking for the wrong thing?

Just a guess by someone who really does do science and who has been wrong enough times to not buy anyone else's first guess, either. The amount of press the idea has gotten has nothing to do with its validity.

Pewdiepie fanboi printer, Chromecast haxxx0r retreats, says they're 'afraid of being caught'

DCFusor

Re: What the did is grey at best

Ah, well, setting the house on fire is more of a Mrs-use act.

Crap app tapped to trap mishaps: Demo insecure software built to school devs on secure coding

DCFusor

Why not just copy stuff from the web?

Oh, I get it - this way we know upfront what the obvious vulns are and can write a "don't do that" about it, while pretending we covered the ground and there are no such things as 0 days. And get a few clicks. Win-win-um....

Open-source devs: Wget off your bloated festive behinds and patch this user cred-blabbing bug

DCFusor

Re: From where

I just tried that /, and while it works, talk about obscure linux trivia (some terminal emulators have issues scrolling back or seeing a lot of a page at a time as well) - speaking of the problem I was trying to solve.

Try typing in /search or just // It's entertaining, I'll give you that. Seriously, nice way to respond to "thanks".

Some of us have things to do other than read man pages for decades on end. If man needs a man page (I know, it has one), then....people who think that's cool are why not many of us have linux on the desktop or as our daily driver (I only account for 15 or so machines running it. Since around y2k plus a couple).

PDF cleans its clock. Downvote away...

I'm wondering why whoever downvoted my first comment did it. Are there really a bunch of common uses for wget with a password? If so, how many hardcode that password in some script so are security bugs themselves? All of them? Who types a command line that long? I've been at this quite some time (see my site) - and I don't, and I LIKE CLI stuff.

Does anyone use the ssl key stuff instead? If not, why not? I didn't mean to start a flame war, but holy cow, what a bunch of flak from a simple question of "why TF do that anyway?".

DCFusor

Re: From where

Thanks! As I get lazy when it's time to RTFM and all I have is the man command, I wrote a little script to convert man pages to .pdf files so I can search them - which took less time to do and find that out than I'd already spent in the man command - which is pretty clunky. I shared the little script here:

http://www.coultersmithing.com/forums/viewtopic.php?f=33&p=6598#p6598

Yes, pdf is a horrible format with all kinds of dangers of its own, but it'd seem most or all of those are from malformed pdf files with executable code in them - not an issue here. The default font is also easier on the eyes in most pdf readers than the one the terminal uses.

I'm building up a few of these in a directory on my homestead share for the more hassleiferous man pages (think systemd stuff...rsync, other complex stuff you don't use every day).

DCFusor

From where

Did a password come to be available for wget to store? Haven't used it much, but none of the things I've used it for asked me for a password at all, nor was there one on the command line I copy/pasted to get say, a perl CGI wrapper for NGINX from ... the NGINX site. Legit question? Is there any widespread use of wget that does somehow hand it a password? Just read as much of the man page as I could handle on an empty stomach and saw no mention of a pword, and as far as I know, user level privilege programs on linux (which I'm running) can't get my user's password either.

Could you speak up a bit? I didn't catch your password

DCFusor

Evidently...

Best buildup and ending line in a very long time! Thanks for the Christmas laugh!

Mark Zuckerberg did everything in his power to avoid Facebook becoming the next MySpace – but forgot one crucial detail…

DCFusor

Speaking of puppets

And deflecting the conversation to avoid truth, what I heard Bob say was that "all politicians lie for a living" and you know it's true - whether they are puppets to a 2nd rate ex-communist or a far longer established banking community.

I'd say the puppets are the people who believe ANY of them. Partisans on either side (as if there were only two real sides of truth) - are the puppets.

"I care not what puppet sits on the throne as long as I control the money". Look it up. You might have to go back a few centuries.

Downvote away. The truth is never popular, which again, is why ALL pols lie, all the time.

American bloke hauls US govt into court after border cops 'cuffed him, demanded he unlock his phone at airport'

DCFusor

Like many laws, a smokescreen for dominance

Real slick of them to get themselves a law that allows searching people leaving, since that may somehow magically allow terrorists in. I knew law was blind, but direction? Really? Can't tell in from out?

Too bad he's gonna lose, most likely.

When it comes to AI research the West is winning, the East is rising and women are being left behind

DCFusor

Re: Bit of a boy's club

Women are vastly underrepresented as garbage truck loaders as well, but I don't hear any complaining. Maybe all this proves they are smarter?

If most punters are unlikely to pay more for 5G, why all the rush?

DCFusor

5G will only ever work in those dense cesspools called cities. In the case of SF, literally a cesspool.

I will never live in a city again. Moved from DC in the '70s and never looked back. The only good thing about DC was free heat - abundant hot air.

FTTP for the win. You can always lay more fiber, but only push so many bits through a given RF bandwidth - and those high frequencies don't propagate well at all.

Since it's easier to get permission to lay fiber in rural areas, we may have the last laugh. No one here is going to mind another ditch to get better service. No sidewalks to dig up.

Surely no one here thinks that there will ever be any better deal on bits/$ unless and until the regulatory environment changes from "the best rules money can buy" do they?

In 2018, Facebook is the villain and Microsoft the shining light, according to techies

DCFusor

Re: Legislate, regulate

It would only be a pretense at best. What example can you name of a company that was big enough to buy a government representative with pocket change (or a few) who has ever been regulated in any meaningful way, ever?

You can't unless you cheat and name something like "well, we made them do crash safety tests" which cost them nothing but eliminated competition. Or a bunch of other examples of regulation that just lock in the big boys.

It's legal for me to avoid taxes the same way they do it - just that it would cost more than my income, but isn't even a rounding error for them. Wonder why that is?

Equifax how-it-was-mega-hacked damning dossier lands, in all of its infuriating glory

DCFusor

Too much power

It's worse than you think. I recently retired (USA) and am on social security. For other reasons I had to get a paper verification of my status to a medical establishment in a tight time frame. So I log on to the government site, and try to start a "MYSSA" account, but the procedure fails. I then call the number, and after the usual multi-hour wait when calling the government, I got to a human who said that if I'm NOT in the equifax or experian databases, they cannot prove I exist! (I am in the OPM as I had a security clearance, or I should be, anyway - but two government entities here can't talk to each other apparently unless there's a political motive to incriminate someone).

Yep, the government can't keep track of my existence - even as an EMPLOYEE(!) if I'm not in a "private" database! One that has data that's all too powerful - identity theft is the least of it - can't get a loan?

Can't even get phone service with some providers, and here in the US you probably don't have a choice of that or ISP. Guess who your government really is - bankers and their services. Notice how they got bailed out with our money, how they get everything they want, and look at the horrible punishment they're getting here for a history-making breach. /sarcasm

I'm sure you can connect those dots, they're real close together.

Lucky I was grandfathered in long ago on those things. All you have to do to drop off the earth is not use credit in any form or fail to pay a bill in 7+ years, and bam, you're a ghost. Screw someone - don't pay a bill, have them "screw up your rating" and it turns out that a negative number is better than no number at all! Suddenly everyone wants to lend you money, the government can find you again (which may be good or not)....

When I mentioned this to the government human and pointed out that they must know I exist and where I live as I get checks...they said "shhhhh, don't mess it up, if these dots get connected they'll stop".

And you guys think your UK government is screwy. Hold our beer. No telling who wins that one.

Oracle takes its gripes about Pentagon's JEDI contract to federal court

DCFusor

Bare metal an advantage?

If you're gonna do that, you require certain expertise...and may as well not contract it out to begin with.

The point of cloud is leveraging some expertise at the vendor end, presumably including more than just keeping lights on and perhaps doing the odd backup...if they can manage to make that atomic.

US Homeland Security installs AI cameras at the White House, Google tries to make translation less sexist

DCFusor

Re: Translation and Artificial Idiocy

I agree about the fool's errand, though not the gender fluid silliness you avoided mentioning, yank.

On the other hand, something that gets things consistently wrong ... is the kind of thing you can fix, or learn from your ideas on fixing being wrong. It's the intermittent bugs that kill ya. In the case of translation, as you point out, there are a lot of other issues that are a lot more important to most people - "readable, accurate, idiomatically correct" seem like a good start on a list.

And the Vodka is still strong but the meat is rotten.

Peak tech! Bacon vending machine signals apex of human invention

DCFusor

?

Seems to me the people complaining about American bacon - as if that was a singular thing...are missing something important.

Just like chinesium you get cheap from "bigvendor" yeah, the stuff you just buy precooked somewhere is going to be terrible - just like every other thing they offer. This is news?

If you do your own shopping and preparing, you can get heavenly bacon in the US, I do all the time.

But then if I go to a modern supermarket (vs the small town market I usually use) - I've noticed that if microwave ovens and/or freezers were to quit working, most of America would starve or die of a soda pop/potato chip overdose, since it seems no one knows how to cook anymore....

Cities. ugh, all this crap is in cities where people think they are civilized but long ago lost anything but the advertising to those of us in more "salt of the earth" locations. There is only one fast-food outlet in the entire county I live in - and no one goes there.

I'd bet the US isn't alone there...it may be ahead, but it's a matter of degree.

There are plenty of specialty outfits in the US that sell the best bacon on earth, or so I'm convinced - if there's any better I wouldn't be able to tell and would be confused about whether I'd died and gone to heaven.

UK spies: You know how we said bulk device hacking would be used sparingly? Well, things have 'evolved'...

DCFusor

And people laugh at the US government

Yeah, I know, it just irks me that others seem to think theirs is any better because your clowns use slightly different makeup.