* Posts by JohnFen

5648 publicly visible posts • joined 20 Feb 2015

Fake broadband ISP support scammers accidentally cough up IP address to Deadpool in card phish gone wrong

JohnFen

Re: Who is to blaim for being taken by scammers?

"The return address is noreplay@overweeningly_important_bank.co.uk so you can't reply to check."

That's not how you should be checking anyway. What you should do is call up the institution that purportedly sent you the email (look up the number yourself, don't use the one in the email) and ask them about it.

Or do what I do and ignore and and all emails from banks, etc. Any of those institutions that I'm doing business with already have several other ways to contact me, and if it's really important, they'll be using those. And, for my part, every bank I do business with explicitly says that they'll never reach out with email for important business, so if you get one, it's automatically a scam. That's a policy that I am entirely on board with!

JohnFen

Re: Who is to blaim for being taken by scammers?

"Well the "victim" ofc"

Really? This implies that you think that you yourself are too smart or too alert to be scammed. I can guarantee that you're not. Nobody is. The only difference between you and other victims is what sort of scam you're likely to fall for.

Most scam artists will also opine that people who think they would never fall for a scam tend to be easier marks.

JohnFen
Pint

Re: Dirty Scammers

Well done, sir! I couldn't keep that up for an hour. Have a beer.

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently

JohnFen

Re: Hosts

The hosts file is enforced by the operating system. An OS can trivially ignore anything in it (as Windows used to do -- maybe still does, I dunno -- when sending telemetry). Same with any "firewall" built into the operating system.

Really, if you want ot go the blocking route, you need to use an external system for that. Something like Pi-hole or a standalone firewall/router would do the trick.

JohnFen

"the core thesis that extensions can have too much power is valid"

I disagree entirely.

JohnFen

"why does any website need that many outside scripts?"

In my experience, for two reasons: advertising and developer laziness/incompetence.

JohnFen

Re: Waterfox, my friend

"Occasionally my bank's web site will whine"

I have a plugin that lets me change the browser ID string. That eliminated those annoying whines.

JohnFen

Waterfox is still a good option. I figure that if Waterfox makes a change that results in it no longer being a good option, and I can't find any others, I'll just stay on the old version of Waterfox.

JohnFen

Re: So predictable !

"They don't sell your information"

This is a meaningless statement. I don't care if they sell the information or not. That they collect it without my consent is the problem.

JohnFen

Re: Google are cunts

I use DuckDuckGo, and to be honest, Google search has been declining in quality for years now. It was a couple of years back that DDG and Google became roughly comparable in quality for me.

JohnFen

Re: Google are cunts

"If you dont like it fuck off and never use a google service again"

I'm way ahead of you! I've been doing that for a long time, because fuck the evil bastards at Google.

The problem is that doing that STILL doesn't let me escape Google's spying ways.

JohnFen

Re: Google are crafty

And I will counter that (I've already put this in place due to Firefox's DoH) by implementing a MITM packet inspector.

JohnFen

Re: Google are cunts

Yes, not all JS is bogus -- but it's impossible to tell which is bogus and which isn't from the outside, so I block it all. The right thing for web devs to do is nothing more than engage in good design practice: make sure that your site fails gracefully, so if the JS doesn't work, your site doesn't become worthless.

JohnFen

Re: Waterfox, my friend

"But does it work properly ?"

I don't know about your use case, but I've been using it as my main driver for almost a year now, and it has worked perfectly for me.

JohnFen

Nope

That sort of change would be a dealbreaker for me. Not that it actually matters, though, since I avoid Chrome or Chromium-based browsers in the first place...

We all love bonking to pay, but if you bonk with a Windows Phone then Microsoft has bad news

JohnFen

Re: I had always been skeptical

"My grocery store has rewards"

Personally speaking, I am not on board with allowing my grocery store to spy on me any more than I'm on board with allowing the likes of Google, etc., to spy on me. And since Google, etc. has begun buying the data generated by the use of loyalty cards along with credit and debit cards, there's not much of a difference anyway.

JohnFen

Lost me at the headline

We don't all love bonking to pay. I certainly don't.

Some of us might love paying to bonk, though!

Amazon shareholders revolt on Rekognition, Nvidia opens robotics lab, and hot AI chips on Google Cloud

JohnFen

Re: What is worng with facial recognition

What is wrong with face recognition?

First, it has a high false-positive rate, so using it in a law enforcement or public safety capacity is automatically problematic just because of that.

Second, it's putting more power into the hands of authorities that have consistently demonstrated over many decades that they can't be trusted with power. Nothing like this should be used in such a capacity without muscular oversight.

Third, it's expanding a surveillance state that inherently restricts legitimate behavior.

I have more, but that's probably enough for now.

"Once there is enough coverage, society will become crime free and safe, resulting in huge cost reductions for law enforcement."

I can't tell if you're being sarcastic here or not. If you are, then my apologies. But it simply cannot result in the utopia you describe here. Even if it could, at what cost? I'd rather live as a free person in a dangerous world than as an unfree person in a safe world.

"It is very weird people would oppose technological progress so beneficial for society"

That would be very weird. Perhaps the issue is that it's not so clear this is beneficial for society on the whole.

JohnFen

Re: I guess the problem is in the White House

"If the prez was Clinton or Obama or old Bernie, it wouldn't be such an issue."

It sure would for me. The nature of the occupant of the White House doesn't enter into this.

FCC: Oh no, deary me. What a shame. Too bad, so sad we can't do net neutrality appeal during the US govt shutdown

JohnFen

"Trump can indeed end the deadlock, but, so can the demo-rats in Congress."

Only by completely abandoning a position they believe is right. Usually, it's possible to negotiate a resolution to this sort of thing, but in this case, Trump is the one who is refusing to negotiate.

JohnFen

Re: Why "net neutrality?" Simples.

"if a corporation is perceived to be acting against the public good, will that not affect their profits?"

Not when they're an effective monopoly that is providing an essential service.

JohnFen

Re: Please explain: why do we NEED this so-called "net neutrality" again?

Since there is no competitive market in the ISP space, there is no market pressure to keep ISPs from abusing their customers, and there are numerous cases of such abuse. It seems reasonable for the government to protect the citizenry from abusive corporations when nothing else restrains them.

Man drives 6,000 miles to prove Uncle Sam's cellphone coverage maps are wrong – and, boy, did he manage it

JohnFen
Devil

This is why I do my best to be shameless. A person without shame can never be blackmailed.

JohnFen

Re: I'm sure the FCC will get right on it

You're an optimist!

Oracle exec: Open-source vendors locking down licences proves 'they were never really open'

JohnFen

Re: Yes, the bad companie are

"So yes, it can be retroactively revoked. It is not a transfer of the code to you: only permission to use."

Again, it depends on the exact license we're talking about. But most OSS licenses I've seen grant a worldwide, nonexclusive, nonrevocable license.

"If you did not pay for that permission the grantor is not bound by the "terms"."

I am not a lawyer, and I would love it if a lawyer could comment on this. But it seems to me that if what you say is true, then there are a whole lot of licenses people and businesses depend on outside the OSS world that aren't valid at all. That smells wrong to me.

Even if it's right, it changes nothing, though. Taking the code private only means that I wouldn't use any new releases.

I'm also curious about what happens to the contributions from outside developers. If the license is revoked, that equally means that outside code contributions are no longer legal for the project to use and must be excised.

JohnFen

Re: Yes, the bad companie are

Can you support this claim?

JohnFen

Re: Yes, the bad companie are

True, and if that's something of importance to you, then it's worth keeping in mind.

However, if the OSS version is popular (which it likely is, or the company wouldn't be trying to take it private), then it will get security updates from the OSS maintainers (and you can also fix it yourself if you're so inclined), so the odds of this being a critical point are low.

And honestly, in terms of security, I trust the OSS community a whole lot more than than the closed-source community. And doubly so if the closed source community we're talking about is Oracle.

JohnFen

Re: Yes, the bad companie are

"They can fork a proprietary product off from the open source version and never contribute back to the open source side."

That depends on which license they released the OSS code under and whether or not the code base includes code contributed by others. Of course, even with the most restrictive licenses, they could just ignore their own licensing terms and hope that nobody does anything about it (which is probably a reasonable bet), but they'd still be in violation.

Regardless, the code they've already released remains under the terms of the license it was released under, so they can't take that back.

"So eventually they will be two separate products"

Which I'm actually fine with. It just means that I wouldn't be using their new product.

JohnFen

Yes, the bad companie are

"Whatever semblance of openness they had, they're trying to take back… because it's going to be hard for them to survive in the cloud world if anybody can just pick up their code and just build a cloud service out of it."

Yes, the bad companies are. Fortunately, good devs continue to exist. Plus, they can't retroactively change the licensing of code that's already been issuing under most OSS licenses. They have to develop something new and release it with a new license.

Most munificent Apple killed itself with kindness. Oh. Really?

JohnFen

Re: Look it's really quite simple.

"continuing to use Windows 7 two years later in 2022 would not be a smart move."

Without taking additional precautions, I agree. My point, though, is that you can take additional precautions so that you aren't relying solely on the OS for your security. Further, I argue that everyone should be doing that anyway, even with fully up-to-date software.

The marketing angle that I was referring to is the use of scare tactics to compel people into using software that companies want you to use rather than taking other measures. I'm not arguing that no measures should be taken.

JohnFen

Re: Battery

"would be that all companies have to provide a facility to replace batteries for a given period, and that they can only charge costs."

I don't think that's a better rule at all. At best, it's a compromise.

JohnFen

Re: Battery

"Having field swappable batteries is fine, but it inherently adds a lot of bulk"

This isn't true, as demonstrated by my Galaxy S4. The battery is simple to replace (no tools needed), but the phone itself is only marginally thicker than modern thin phones.

JohnFen

"when do users feel that they've had (insert retail price) worth of use out of their device?"

I don't know. All I do know is how I think of these sorts of things, and I never think "I've got the value I paid for now, so it's time to upgrade!" Instead, I think "this device doesn't work anymore, time to replace it" or "this device can't do what I need, time to get a better one". Those are really the only two things that will spur me to replace equipment.

Also, unless the price is unreasonable (as the current "flagship" phones are, in my opinion), the monetary expense isn't the friction to upgrading. It's that upgrading is itself a disruptive pain in the ass, and I'll only do it if it's a greater pain in the ass not to.

JohnFen

Re: Look it's really quite simple.

"I sometimes wonder about the way people get really anxious like the second an OS drops out of mainstream support"

It's because of marketing. OS and some software vendors really need you to keep updating, and they're very quick to jump on "security" as the stick to beat you into doing it.

Note: I'm not saying that the argument is invalid, I'm saying that it's greatly exaggerated. Also, it's not really that hard to run an outdated OS or other software in a way that is about as secure as if you're up to date. It just requires a bit of care and attention (which people should be engaging in anyway).

Cortana and Search to innovate separately in an amicable Windows 10 Insider split

JohnFen

Re: All your data are belong to us

That was also a problem -- but combining Cortana with search was also certainly a problem.

JohnFen

Great news!

Maybe now they can make Windows search actually work.

Do you feel 'lucky', well, do you, punk? Google faces down magic button patent claim

JohnFen

Re: Am I lucky?

Do you not go to google.com to do a google search?

JohnFen

Re: Legal Certainty

"Why should the language stop you, when this is the core of the issue?"

It doesn't stop me, but legal language is only clear to lawyers, and I am not a lawyer. So reading that stuff isn't always as useful as I hope, as I can't understand much of it (and it's not always clear if I understood the rest correctly).

JohnFen

Or, as I like to call it...

The useless button.

With the ongoing decline in the quality of search results that Google provides, the first hit is never, ever actually relevant to what I'm searching for. I'm lucky if I get a relevant result in the first page!

US comms watchdog's industry-friendly 5G rules challenged by fresh legislation

JohnFen

Re: When does it qualify as treason?

"Corruption at that scale is economic warfare"

I detest Pai's FCC as much as anyone, but I seriously think this is overstating the case. But even if your characterization is correct, the blame really falls on Congress. Congress has the power to make the FCC behave differently, and they aren't.

JohnFen

Re: When does it qualify as treason?

I'm familiar with thing like the Active Denial System. The thing is that there's more involved with that than the frequencies used. There's also a requirement to be able to focus (there's a reason that those systems require a rather large antenna array) and the amount of power required is huge. Those systems have to be powered with their own generators.

There is no obvious way you could take a 5G cell antenna and turn it into an ADS weapon.

JohnFen

Re: $270/year?!

"I'm not sure how densely 5G masts can/should be packed"

5G trades range for increased capacity and bandwidth, and 5G cells need to be packed much more densely than existing cell tech.

(This is from 5G: The Density Question, which has more comprehensive information)

"Qualcomm Inc. has been comparing the coverage of prospective 28GHz 5G small cells and unlicensed 4G Licensed Assisted Access (LAA) 5GHz small cells, which don't offer as much transmit power as traditional 4G macro cell deployments. The chipmaker finds that mmWave networks will offer 96% of the coverage of the 4G networks if the 5G small cells are deployed at a range of around 100 meters to 200 meters apart, said Peter Carson, senior director of product marketing at Qualcomm."

Qualcomm was talking about mobile cells. For fixed-cell, Verizon reports:

"[...] downloads of more than 1.4 Gigabits per second to nearly 600 Megabits per second at a distance of up to 1,000 feet. At distances of between 1,000 feet to 2,000 feet, the download speeds drop to just below 1.4 Gbit/s down to just above 400Mbit/s. Beyond connection ranges of 2,000 feet, the top download speeds are listed at just over 1 Gbit/s. One thousand feet to 2,000 feet correlates to 300 to 600 meters,"

JohnFen

Re: When does it qualify as treason?

Fortunately, in a world where little is clear, the treason question is easy to answer. In the US, treason is clearly defined by the constitution:

"Treason against the United States shall consist only in levying war against them, or in adhering to their enemies, giving them aid and comfort. No person shall be convicted of treason unless on the testimony of two witnesses to the same overt act, or on confession in open Court. The Congress shall have power to declare the punishment of treason."

("Giving aid and comfort" also has a very specific definition, and it is a bit different than the phrase implies in modern English)

The only way any of this can be considered "treason" is if the purpose is to engage in war against the US or to help a nation engage in war against the US.

What's happening at the FCC isn't remotely close to treason. What it actually is is corruption.

US prosecutors: Hey, you know how we said 'net gambling was OK? LMAO, we were wrong

JohnFen

In all fairness

In all fairness, in the US anyway, prosecutors don't get to decide what is or is not legal.

McKinsey’s blockchain warning irks crypto hipsters

JohnFen

Re: I do see a use for immutable ledgers...

"For massive scale deployments it's still not quite there IMHO"

I don't think blockchain will ever be viable for massive scale deployments. It's simply too inefficient on all levels.

Ahem, Amazon, Google, Microsoft... Selling face-snooping tech to the Feds is bad, mmm'kay?

JohnFen

Re: The last two paragraphs are key

I agree.

JohnFen

Re: This is a nice goal

So if, as you imply, stopping this is borderline impossible, then it makes sense to at least be able to convince some companies to not play along. I do need to some companies that I'm OK with doing business with, after all.

JohnFen

Re: This is a nice goal

Then let the likes of Boeing and SRI supply it. There's no need for others to get their hands dirty.

Google to yoink apps with an unauthorized Call Log or SMS habit from Android Play Store

JohnFen

Deflection

Greater scrutiny of apps is a wonderful thing -- the app landscape is horrendous and I support anything that might make it better. But a part of me wonders if this isn't also an effort to deflect criticism of Google's own serious privacy-related problems and blame everything on app developers.

I'd say that Google needs to get its own house in order at the same time, but at this point I think they can't. Their entire business model relies on them being a bad actor.