Posts by JohnFen 5648 publicly visible posts • joined 20 Feb 2015
"I admit : I'm a racist. I hate stupid morons"
The pedant in me has to point out that this isn't racism, it's bigotry -- and bigotry I tend to share! Although I have a shade of gray here. I distinguish between people who are unable to think (that's a medical condition and is forgivable), and people who are perfectly capable of thinking but refuse to do it (that's unforgivable, and I suspect that this doofus falls into this category).
"Sorta like the difference between what we want and what we really need (but can't recognize)."
Unless you're arguing that an authoritarian government is desirable, the solution to a disconnect between what the people want and what is best for them isn't to shove unwanted things down everybody's throat (after all, those who think they know what's best for everybody can be, and often are, wrong). It's to take your case to the people and argue your position. If you can't persuade the people that your position is correct, then tough.
Sure, I don't think anybody is arguing otherwise. The argument I see is this: if we're worried about China (and we should be), we need to be equally worried about the other nations that pose similar threats, such as the US. It's the singling out of China specifically that seems extremely disingenuous to me.
"ever heard of firewalls or white list access before ?"
This is what makes the whole issue sound ridiculous on its face -- that any risk from spying enabled by the hardware can and should be mitigated with a little extra effort. This would work with Chinese equipment just as well as with Cisco's.
Given that nobody has been able to demonstrate that China poses any greater surveillance or sabotage threat than any other nation, the thing to do is to put up defenses regardless of whose equipment/service you're going to use.
""It is clear that China Mobile's application to provide telecommunications services in our country raises substantial and serious national security and law enforcement risks," FCC chairman Ajit Pai said"
If it's so clear, then why not provide the argument and supporting evidence to the rest of us? Then it would be clear to everybody. Right now, what looks clear to me is that this is part of the current administration's extreme protectionist worldview.
"or perhaps whatever was being done from your IP to get you blocked has stopped"
That's possible, but I keep a pretty close eye on what happens on my systems. If there was actual nefarious activity coming from my systems, it would have been VERY helpful if Spamhaus was willing to tell me what the issue was so I could address it.
Aside from one communication (which was very rude and unhelpful), what I got from them was radio silence. That doesn't do anybody any good, and is why I don't view them in a terribly positive light.
"If you look at it from the firewall's point of view, there is no way to tell a difference between a SYN can and a hacker who is trying to use that same SYN scan to see what I have."
But you can detect and prevent actual attempts at breaking in.
I'm with you in terms of your security stance, by the way. My own home network detects port scans and locally blacklists IP addresses that engage in it. That said, I disagree that port scanning is analogous to trespassing, and I disagree that port scanning is, in itself, a nefarious activity. It can certainly be a prelude to nefarious activity, though!
"If I catch someone is in my backyard checking to see if the windows and doors are locked"
The SYN scanning being discussed is not so much checking to see if the windows and doors are locked (since the scanning is not attempting to set up a connection), but more like just counting how many doors and windows you have.
You may well object to that as well, and I understand if you do, but it's not as bad as your analogy implies.
"Where that to be true, it should logically follow that there should be at least some internet users out there complaining of getting listed by us due to their IPs being spoofed by some rogue third party. We are not aware of any."
I'm not sure that means anything. Every so often my public-facing IP gets on the Spamhaus blacklist (admittedly, this hasn't happened in a few years) for no discernible reason. Contacting them about it had always been useless, so I changed my policy to avoidance. Rather than contacting them, I just arranged to have a different public-facing IP.
That's a real hassle, though, so I'm very glad that this hasn't happened in so long. Maybe Spamhaus fixed something broken, maybe they didn't, I have no way of knowing. But I do know that the bad taste in my mouth about them remains, probably forever.
"But there are plenty of things you can do to stop them receiving a single valid byte of your data"
There isn't, though, since both of these companies (and others) are also gathering data about us from non-online sources such as debit/credit card usage as well. It may be technically possible to completely avoid them, but to do so pretty much requires withdrawing completely from society.
"It is if those companies wish to do business in the EU or EEA"
Yes, true. And those companies address the issue by treating EU visitors differently. I was really thinking about the vast majority of non-European websites, who can (and do) simply ignore the existence of the GDPR.
"I have feeling that more countries will adopt either GDPR or something pretty similar, California -while not a country- being a case in point."
This is what I'm seriously hoping for, particularly in the US (since that's where I live).
"The rooms were never cleaned, and this seemed to distress some of the more dedicated cleaners."
Probably not. I was a janitor in my younger days, and my duties included a facility that had rooms that were off-limits to janitorial staff. It's hard for me to imagine any cleaner who would be distressed by that. They tend to be overworked as it is and aren't itching to get more.
"According to US law, corporations are people"
Except that this isn't actually true. For certain specific things, corporations are treated as legal entities that have some of the rights of people (for instance, they have the ability to enter into contracts), but the law actually does make a clear distinction between people and corporations.
Corporations keep trotting out this "corporations are people" nonsense because it benefits them to have real people confused on the point, but it isn't actually so.
Wikipedia's writeup on this is actually pretty good: https://en.wikipedia.org/wiki/Corporate_personhood
"The best explanation would be that The Social Element automated its takedown requests so that any mention of the original article was also targeted."
If this is the case, it really puts a lot of their own marketing messages into a light that is rather different than they wanted. For instance, their website proudly proclaims:
"People respond to people. Brands are driven, created and led by people. We help bring out that human side to ensure brands present themselves as people, not products and services."
...which, even if that were accurate, would be incredibly objectionable. Brands are not people, and shouldn't be pretending to be people. That's just hijacking natural human social interactions in order to sell you more shit.
As they heavyweight 5G techs keep saying (and keep being ignored), us normal people are unlikely to see any sort of game-changing improvements from 5G aside from one.
5G isn't for us. It's for the carriers, to help help them cope with usage rates that are bumping up against the limits of what are possible with earlier technologies. That's the one thing that ordinary people who live in very congested areas are likely to see: fewer dropped calls and greater availability of the network.
We are unlikely to see vastly increased performance or throughput.
Apples and oranges.
Sony vs Betamax are about global sales of consumer devices. 5G is a service that covers limited geographic areas. Country A and country B each provide their own wireless infrastructure. If country A does it first, that doesn't make or break country B's ability to roll out their own infrastructure.
I still have yet to see any solid argument for why 5G rollouts should be treated like a race at all, let alone why it's important to come in first in it. The whole thing just smells incredibly scammy all around.
"It never really had any defined meaning."
Perhaps not in the UK, but in the US it does. "Fiber" service means that fiber is being used between your street and the ISP. It doesn't necessarily mean that you have fiber running into your house, that's true, but it's coming close.
"What's "deceptive" about it if ISP X's 80Mbit FTTC service works as well as ISP Y's 80Mbit FTTH?"
Because the description "fiber" refers to a specific technology, not how well the service works. It doesn't matter if a non-fiber solution works as well as a fiber one, it's still incorrect to refer to the non-fiber as "fiber". Companies that want to sell an advantage in terms of speed should market based on speed, not incorrectly cite a specific technology to imply speed.
"what's the difference compared to an FTTP connection operating at the same speed?"
The difference is truth and honesty about the tech being used. If the end user doesn't care (and I agree that if the end speed is the same, then this doesn't matter to them), then it would be sufficient to not mention fiber at all and instead advertising actual speeds.
But the fact is that the companies know that "fiber" implies high speed, whether its there or not, and so they want to be able to use the term even where it's not appropriate. The court's ruling is just allowing this deception. Does it matter in the end? To those of us who would like the term "fiber" to actually mean anything, yes it matters.
What the court actually effectively ruled is that "fiber" is now a marketing term devoid of any real meaning.
"What is going on these days in this country?"
These days? This sort of thing isn't remotely new. Seriously, just check out US history, particularly around the CIA. If you're short on time, just check out what the Church Committee found. And know that today is no different.
""The most fundamental security standard, really, is that you cannot have this extrajudicial, non-rule of law-compliant process where a government can tell its companies to do something," Strayer told the Bloomberg newswire."
Well then, that rules out buying any equipment made by US manufacturers.
Yes, I'm aware of that alternative. The problem is that when I use it and then pentest my setup, I can still break into it. Not as quickly, certainly, but if I'm running an always-on WiFi AP in a fixed location, the amount of time required to break it is not important.
> And allows you to avoid any VPN packet header overhead issues.
VPN overhead is not something that is a problem for me. It's plenty fast.
Personally speaking. WiFi security has a long track record of being terrible, and I expect that won't change anytime soon. So I stopped relying on it a long time ago. What I do instead is run my WiFi AP as its own subnet, and the only thing you can do through it is to connect to the VPN server that I run.
If any attackers break the WiFi security, it gets them nothing. They'll have to go on to break the VPN security as well.
"Very few read EULA's"
I fully admit that I stopped reading EULAs a long time ago, because all of the ones I have read say the same thing: they can do whatever they want, collect anything they want, distribute the data to anybody they want, and can change the terms any time they want.
There's no need to read any more of them. I can assume what they say.
"how to find the settings which allow you to turn it off."
When it comes to things like smoke alarms, the setting to turn it off is right there in my toolchest. Sidecutters can work wonders.
Of course, the better solution is to just not buy any such device if it connects to the network.
"This is like trying to claim copyright when there is no US Copyright Office record of the copyright or licensing"
...which is perfectly legal. Copyright applies the instant the work is fixed in a tangible medium. Registration is not a requirement.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
