Slashdot Mirror


User: tlhIngan

tlhIngan's activity in the archive.

Stories
0
Comments
10,065
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,065

  1. Kinect Tamper-Resistance on Kinect Hacked, Adafruit Bounty Won · · Score: 4, Interesting

    I've always wondered about that statement - did Microsoft really mean people hacking Kinect the hardware, or did they refer to the new round of cracking going on in the Xbox360 community after Microsoft rolled out the Fall Update?

    After all, iFixit's tear down doesn't reveal any anti-tamper mechanisms - no potting of circuit boards or anything. Unless they meant firmware hacking to try a USB jailbreak for the 360, but that's simple to do without needing a $150 piece of equipment.

    The Fall update did bring out anti-modded-Xbox protection measures. Backup games fail a new check and the results get reported back to Microsoft, who can institute a new round of console bans (but only if you're stupid enough to connect to Live with your modded Xbox360). I'm just wondering if some new PR person got the explanation all jumbled up or something between the engineers, legal and PR made a very interesting game of telephone.

    I can see how going from "The software update we rolled out for Kinect contains new anti-piracy measures" into "Microsoft takes strong measures against those who tamper with Kinect". Or how a simple query by someone asking for drivers to Microsoft gets turned into a request for the Xbox360 software itself leading to silly statements. Add in 20 layers of management that the message gets filtered through and it's what you end up with.

  2. Re:Prediction on Digital Archaeology Show Reveals 'Lost' Web Sites · · Score: 2, Interesting

    Well, if the semantic web starts off, you won't need websites anymore - because you'd just ask your favourite software agent "I want to buy a Brand X cheap t-shirt", press a button and it'll scour the machine-readable servers on the internet and purchase it for you automatically.

    I don't see this happening in 5 years though - people are too lazy.

    YOu have to admit, though, that the change is happening. But not on the PC, but smartphone. People are getting apps that are frontends to websites - eBay, Facebook, Craigslist, NY Times etc. And there's plenty of shopping apps too - from those that read barcodes and find you the online deals to others that dig out reviews and such. And while they won't buy it for you automatically, they'll link you to a buy-it-now button.

    It's happening because people are lazy - you're in a store, why not use your phone to find out if it's a deal, get reviews and other things, right there, right now. Rather than note it down, go home, and spend time on the computer looking it up.

    In fact, I think some people consider it to be a huge threat to the open internet when everyone's all cowered away tapping on their smartphones using apps rather than surfing using well-known protocols and standards. And those apps may or may not be using standard protocols. Segmenting the web away, slowly.

  3. Re:Elementary on Dutch ISP Demos Symmetric 100Mbps DOCSIS3 · · Score: 1

    I'm also wondering why they offered 100/100 internet. Since I don't rarely need to upload anything, I'd rather have 190/10 internet so I have a fast enough pipe to grab HD video across 4 or 5 sets.

    Probably because it eliminates the biggest downside to cable - that uploading kills the network. All the cable companies hates BitTorrent because uploads kill the network - once the upstream channel is flooded, everyone's service suffers. Netflix, YouTube, and anything downstream-heavy they don't care - there's piles of downstream bandwidth. Upstream bandwidth, not so much. In many areas, just a few people uploading at full speed is enough to degrade downstream throughput for everyone - lag, slow downloads, etc.

    Why do you think those imposing caps and traffic prioritization tend to be cable companies?

    Here they're showing you can upload at full download speeds and it probably won't kill the network.

  4. Re:Assuming this is true.... on Sophos Free A-V For Mac May Kill Time Machine Backups · · Score: 1

    Unless you're backing up a filevault protected home directory. Then it handles it in just about the stupidest way possible: it saves the whole honking encrypted image as one big file.* And despite the fact that it doesn't decrypt the image, it still only works if you're logged in and the image is open.

    *If you're set up as sparse images, then you do a little better. But still, no incremental backups for you. If a file changes, you have to copy the *whole* thing, because good encryption won't make it obvious which bits of the file are different. Also, I'm not sure it can tell which files are, say, disk cache for the browser....

    How do you expect it to work? DO you expect it to copy files from your encrypted home directory to an unencrypted storage area? FileVault uses disk images to handle encrypted home directories, so the files hit the disk encrypted. Time Machine treats the FileVault image as a single file (or a collection of files with sparsebundles). It can't go and individually take the files out of the FileVault and encrypt them (in case the filenames reveal information), just like it shouldn't copy the files to the backup store unencrypted.

    Being logged in, however, allows Time Machine to do proper indexing for TM-aware apps so you can go back and recover individual files in your FileVault (e.g., should you hose a iSync contacts merge, you can go backwards and recover the record prior to the merge). Otherwise it'll be more of an all or nothing restore instead of being able to support partial recovery.

  5. Re:on the fence on T-Mobile G2 'Permaroot' Achieved · · Score: 1

    Kind of like how end users having direct control over their PCs has resulting in nearly all PCs made over the past 35 or so years being bricked?

    Best Buy seems to do OK with Geek Squad, and it seems people are willing to pay $30 to have something trivial done to their PCs, and several hundred to have Windows reinstalled, so... I'd say yes, the vast majority of PCs end up unusable in some form or another. Villify Geek Squad, but they're profitable, so users are "bricking" their PCs constantly. Hell, people pay the $100 "optimization" service that gets them a recovery CD. Then they take that back to Geek Squad to have some lackey stick the CD in, power up, hit Yes a couple of times and walk away.

    The problem with Android is, Google decided to be Anti-Apple. Apple basically holds the carriers to gunpoint and dictates the terms to which they can carry the iPhone (outside the US especially - what sane carrier will agree to profit share and demands that they not touch the phone at all just for one particular phone?). Google decided to be more "open" and let carriers run wild with Android. So while Apple goes and says "You're not allowed to preinstall anything", "The customer experience must be like XXX - you must let the customer open the box and be the first to touch it" and "Sorry, we're doing the software, you have no say", Google says "free for all - keep doing things the way you have been - the manufacturers are still your b*tches you can slap around".

    Microsoft decided to take the middle road. No "we dictate the software load", but "there may be up to 5 preinstalled apps".

    The other thing is, Apple pretty much started the whole software update craze. Prior to the iPhone, you got your updates through your carrier only, and usually only because they tell you to update. After the iPhone, people seem to want to update more frequently and get pissed when their carrier doesn't provide an update. Another advantage of dictating software load, I guess - one firmware per model.

    The only reason carriers put up with Apple is the iPhone sells, and Apple's got a whole network of marketing and distribution out so anyone can go buy an iPhone from them or their carrier - something Google nearly did with the Nexus One. I'm still looking for an Android phone and the fact that the Nexus One is only on T-mo for 3G isn't happening.

    Hopefully the Nexus Two will be more popular.

  6. Re:Ridiculous And Totally Not Helpful on Sophos Researcher Suggests Password 'Free' to Spur Wi-Fi Encryption · · Score: 4, Insightful

    Maybe he hasn't noticed that wireshark can decrypt WPA2 traffic so long as the network is being sniffed when the client originally connects.

    Yep. And then we'll have a new version of Firesheep with WPA2 decryption. And then another version that'll ARP-spoof the gateway machine so every connected device then routes through your PC.

    It'll end up being that a Firesheep user will just have a fast DHCP server and acting as a gateway for the WiFi so all traffic goes through your PC, forwarding packets to the real gateway.

    No, the ONLY way to defeat Firesheep is to properly encrypt sessions. Otherwise we're just doing an arms race. The ARP spoofing and fake DHCP is basically endgame short of access points going and isolating users from each other. Which would then end up being someone sets up a fake access point that routes to the real one.

    The endgame is, Firesheep can always win. Or anyone with a packet sniffer. Unless the site goes completely SSL.

  7. Re:And now you can have a superior PC for $500 les on Toshiba Begins Selling MacBook Air SSD · · Score: 1

    Of course they would want it to be the new standard form factor. It means your HD is soldered onto the motherboard. Every time you need more capacity, a faster HD, or most importantly the HD dies, you have to buy a entire new computer!

    Soldered? I don't see where it's soldered. In fact, the fact that you can use this to upgrade the new MacBook Air seems to imply it's anything BUT soldered. And I think PhotoFast actually announced their versions of the same SSD for those to upgrade their Airs.

    It's a bit of a wierd formfactor, but that's mostly because it's a new interface connector style (still SATA). There'll probably be a trillion SATA-to-this-thing adapter soon enough.

    I find it funny everyone is complaining about it being soldered on when it seems everyone is releasing this to upgrade MacBook Airs. Either it's gotten really trivial to solder, or perhaps it's not soldered on.

  8. Re:Streisand effect? on Strong Contender Already For Adafruit's Kinect Challenge · · Score: 1

    What the fuck could MS lose if the Kinect driver is open-sourced? Hackers will still need to buy the unit itself. "Tamper-resistant"? The Hell? They placed an explosive charge in it, or why do they have to make it tamper-proof? If someone wants to tamper with it, they probably know enough to disable/circumvent/subvert the safeguards, and if the can't, they probably wouldn't mess around with it in the first place

    I don't think the comment is Kinect-specific. It's a rather vague, generic statement. The only relation to Kinect is because the Fall Update was timed with the Kinect release.

    All Microsoft wants is people to quit trying to hack the Xbox360 to play pirated games. In fact, the only reason Kinect gets involved is apparently the latest update does more checks which is timed with the Kinect release. Those checks fail when playing a pirated game, but succeed when playing an original copy. And this has a side effect of possibly letting Microsoft know your console plays pirated games.

    It's usually less about getting Kinect to work in more devices (I'm sure Microsoft would love to have Kinect spread around - good sales means the possibly for a lot more development), and more about people using Kinect to "break into" the Xbox360 to enable pirated game playing. Hell, I'm sure Microsoft's preparing a bunch of console bans already, especially with the CoD: Black Ops release today. (The other way Microsoft checks is by checking to see if you've been playing a game prior to release date - it means either a retailer has violated street date (cha-ching + retailer gets blackballed), or someone's playing a downloaded copy).

    Hell, good sales of Kinect may spur development of Kinect 2.0, or hasten the next release. You can bet Microsoft's already got a more advanced Kinect version for R&D and military use (probably costing $1000+), and improve on the general firmware and software. Unlike Move which is based on very mature technology (it's just a Wii, reversed, and 2D movement recognition has been around for years before Wii) and thus has to work well, Kinect is fairly new and unique and I don't think anyone's quite figured it out yet.

  9. Re:Is this *really* only an Apple bug?? on Malicious Websites Can Initiate Skype Calls On iOS · · Score: 2, Interesting

    As an iOS developer - I kind of agree with Apple. I write apps which register URL handlers - and when one clicks on on - I make the *user* validate that this is what they really want to do. The same kind of exploits could be done on PCs - if you had a URL handler - like "SSH" which blindly allowed a third-party URL-click to launch SSH on your PC and log into a site - or even to do the same thing with *skype* URLs. Has anyone verified if these kind of behaviors would or would not happen on a PC or Linux machine?

    Already happened. With Firefox, at that, years ago.

    http://secunia.com/advisories/25984

    Firefox registered a "firefoxurl://" handler, which can call Firefox with arbitrary command line arguments, including malicious javascript.

    Apple can't validate every URL that passes through - if they had a magic library that could ensure every URL is completely valid in every context from now to forever, they would have that patented and licensed to everyone. So in the end, the application handling the URL must validate its arguments.

    The question is - does this affect the PC clients as well? Does Skype on Windows also have the same problem? Or does it not register any URL handlers so you can't just click a Skype link?

  10. Re:Oh Noes on Royal Navy Website Hacked, Passwords Revealed · · Score: 3, Insightful

    A useless PR website to a government agency was hacked! This is like when the RIAA home page gets hacked. No operations were actually effected, because no one goes there anyway. No shut down the email servers, thats something else.

    You're assuming that no one ever puts anything else up in a hidden directory on a website, do you? Just because it's a fluff website doesn't mean there isn't anything else behind those pages. At the very least, an exploited script could be running a simple fileserver on it for dropping off warez and pr0n and other stuff. Hell, the webmaster and his friends might've put up files there on behalf of some higher up who needs a large file sent somewhere.

    Wasn't there that funny anti-piracy site that was DoS'd and ended up revealing a pile of hidden files containing emails and such?

    You might think that such entities would use super-secret encryption and file transfer methods, but you'd be surprised to find out most still use common FTP and HTTP.

  11. Re:Oh God, more revisionist history? on Recalling Windows 1.0 At 25 Years · · Score: 3, Informative

    More like stolen from Xerox, who was inspired by Alan Kay's ideas, who probably was at THE demo : DOUGLAS ENGLEBART

    By stolen, do you mean that Apple paid Xerox with IPO shares for a tour and a private demo with Q/A session with Xerox engineers? For most people, when you pay for something it's not "stolen". Xerox engineers did not like the idea but was directed by Xerox corporate to show their research with Apple. Even then, Apple did not blindly copy the Alto but took ideas and concepts from Xerox but made their own implementation with some of their own research.

    Actually, Apple did a lot more - they took the idea from Xerox, but they made it better. Apple never got any source code, they just got the concept from Xerox. It was not only reimplemented from scratch, but implemented better - the Alto demo did not have overlapping windows, for example. Steve Wozniak banged his head around how overlapping windows worked and invented clipping regions (which he got a patent for). He also got into a plane accident with his Piper during that time (and was known for telling Jobs "I still know how to do regions" when Jobs visited him in the hospital).

    Eventually he contacted Xerox to find out how they did overlapping windows and found out their system didn't.

    As for Windows 1.0, I believe it made it into DOS 5 as "DOS Shell" - if you look at it, the graphics are remarkably similar, and DOS Shell even had multitasking.

  12. Re:The real question: on Failed Controller-Free Gaming Devices of the Past · · Score: 1

    Can you imagine leaning to one side to look around a wall? Or ducking to get cover? I think something like this is needed to sell this thing to the gamers. Developers need to accentuate the existing controller interface and not try to replace it with flailing.

    I was thinking if Microsoft would figure out how to not just concentrate on games, they could have a heads-up on the simulation industry. Perhaps a more advanced version able to recognize fingers (it'll cost way more money), but you could do a lot of interesting training with it. Think military - if this thing is capable of recognizing fingers, all of a sudden you could do scenarios where you can communicate with pure hand signals (think aircraft marshalling, communications with team-mates, etc). It could give a whole new meaning to wargame simulation and training.

    Or taken this to the home level - same FPS, but now you can communicate with your AI and other online players with hand gestures rather than pre-canned button pushes.

    And heck, who hasn't done some "body english" when trying to make some particular move? Imagine if Kinect could detect you leaning and maybe do something. (We've all leaned to the right when trying to make a difficult platformer jump across a chasm, for example, or moved the controller up when trying to make a leap up something).

  13. Re:Won't Be On The Market Long Enough To Matter on iFixit Tears Down Microsoft's Kinect For Xbox 360 · · Score: 1

    I'm going to go out on a limb here and say that HD-DVD wasn't Microsoft's invention and the BluRay/HD war was in full swing when they designed their console. It's just that their format lost and Sony's won.

    Microsoft wasn't really in the HD-DVD camp. Either way, they win (HD-DVD and Blu-Ray require support for VC-1, Microsoft's video codec. Not to be confused with AVC, aka h.264). Sony however was more desperate - they bet the bank on Blu-Ray (which requires new production plants (HD-DVDs re-used existing DVD plants), their new console was forced to have it, etc), and they needed to win. The death of Blu-Ray would mean the loss of a big money-maker for a generation. Sure the PS3 could be modified to play games off DVD, but then it's a huge chunk of money putting in useless drives.

    Sony needed to win the high-def war - there was no question about it. Microsoft didn't really care - HD-DVD or Blu-Ray, they get their royalties and patent license fees.

  14. Re:Anything that gets phone makers to update... on Researcher To Release Web-Based Android Attack · · Score: 1

    One problem is that the phone makers insist on idiotic customizations of the android interface, so updates can take a long time because they have to update the customizations as well as the OS.

    The other problem is that hardware becomes outdated and perhaps challenging to update. T-mobile just started updating the MyTouch 3G (which I have). This is a 15-month-old phone running stock android, and I think it took them a long time because the hardware is old.

    It's phone makers AND carriers. The only real reason carriers are loving Android is it's the Anti-iPhone. Think about it - the iPhone denies carriers to ability to customize the experience, load up custom helpful apps, and all that stuff. Apple's basically dictated the terms - Apple does the software, you guys sell service (and pay Apple a portion of the profits). The only reason carriers are doing this is because people want the iPhone and they'll line up in droves to get one. What they lose in the iPhone deals, they make up because there are just so freaking many iPhone users (see how the iPhone has been kind ot AT&T's revenue).

    Phone makers want customizations because it differentiates their product from the competition. Otherwise their phone looks like any other Android phone on the market, and people will just pick whichever one the carrier is offering free. They don't want people to buy an "Android phone", they want people to buy an "HTC phone" or a "Samsung phone" or a "Motorola phone" which hey, happens to run Android. Same situation with Windows Mobile - people collectively just called them WinMo phones that weren't terribly different from everyone else's.

    Ditto carriers - they feel their customizations and carrier requirements makes them "special". And they'll demand that certain apps be preinstalled as well to encourage this. Plus each carrier has idiosyncracies of their own that require enabling and disabling certain features (echo cancellation, for example).

    It's no big surprise that there can be easily 20-30+ different builds of Android for one model of phone. Couple this is hardware that stopped being sold 2 models ago, and manufacturers really don't want to spend the money to update software on something they consider obsolete.

    Other than the Nexus One - what other piece of hardware is directly supported by Google and you can get carrier-free, lock-free, and software updates direct from Google?

  15. Re:not really on Flash Can Rob 2 Hours From MacBook Air's Battery Life · · Score: 1

    But what does HTML5 offer? Woo! Unblockable obnoxious battery-sapping ads. Thanks a whole bunch, W3C! Just what I always wanted. </sarcasm>

    Actually, ads can be removed quite easily in HTML - there are lots of DOM editor extensions. In firefox, the one I use is called "Nuke Anything Extended" - right-click on the offending thing, "Remove this object". Even has undo in case you nuke something useful.

    It's great to remove the ads that show in print view when actually... printing.

    Not to mention very few HTML ads are actually inline - most are brought in via a little javascript, which NoScript blocks quite handily.

  16. Re:How does never work for you on Will Netflix Destroy the Internet? · · Score: 4, Informative

    Most ISP's in the US already have a (high) data cap. Whatever you do under that, they will not care. If there were (or are) any ISP's with "unlimited" bandwidth then they will have to change policy also to have some kind of data cap, because they do not get "unlimited" bandwidth from the people they purchase internet connectivity from.

    A classic study would be Canada. When Netflix came to Canada or announced plans to do so, Rogers (cable) immediately LOWERED their measly caps from 60GB to 30GB-ish. Bell (DSL) heavily lobbied the CRTC so DSL connections can be billed by the byte, so that ISPs using Bell's lines are at a huge disadvantage. Shaw (cable) already announced plans to charge overage charges at $2/GB (for "lite" and "high speed" users) or $1/GB (for the faster plans - warp/nitro). You can pay extra for more - $5 for 10GB and the like. Right now it's a trial, but they're planning on rolling it out.

    SO yeah, Netflix's potential for clogging the Internet won't happen. Ditto the "bandwidth crunch".

    Heck, the FCC may make stupid rules, but in Canada without those rules, things are a lot worse. I can't have digital cable without buying and paying monthly fees on the cable provider's box (which only works with that provider - they won't (and don't have to) allow activation of 3rd party boxes). No Firewire video at all. No cablecard (crap, but at least I could use my TiVo). No unencrypted digital cable (if I want high-def for free, I have to stick an antenna up - no rules saying all those channels must be unencrypted QAM), etc.

  17. Re:Why can't the text of these books be clearer? on How Google Is Solving Its Book Problem · · Score: 1

    It's because the book-scanning process is completely automated.

    I doubt it, it is not exactly hard to get a book that is at a rather fixed distance into focus. Anyway, the reason why the fonts are blurry isn't the focus to begin with, the images that Google shows are simply extremely low resolution. Why they are in such a low resolution I have no idea.

    Well, actually it is. Google's book scanners use two digital cameras to take photos of both pages at once, rather than a much clearer scanner system. Those photos then are automatically cropped to remove the background (scanner hardware - the book holder, platen frame, etc), then a reverse-page remover (to remove traces of the text on the other side which can surprisingly leak through), then run through a deskewer to straighten up the words and lines to give OCR an easier time. Going through all this on a relatively low-resolution "scan" leads to even lower resolution book images after processing.

    Plus it's optimized for throughput, so large digital camera photos mean each page takes longer to transfer the images from, so you don't want to do pictures at too high res. Plus if the book is smaller than what the full frame of a book is supposed to accomplish, you're starting with a lower resolution picture to begin with (the "zoom" isn't adjusted - the FOV is kept constant for the largest book the scanner can handle).

  18. Re:not stalking on Cisco Social Software Lets You "Stalk" Customers · · Score: 1

    Except that in some instances, the areas where these posts are being made are in what the posters deem to be a closed room, and I'm sure you'd be mad as hell if your comments in private are purposely eavesdropped.

    What if your friend who has looser privacy settings decides to re-post what you wrote?

    E.g., you write "I'm asd - my dad has cancer" private to your friends only
    Your friend writes "Everyone help opposabledumbs - his dad has cancer!"

    Boom - what was private... is now public. It's like gossip.

    If you want an old curmudgeon's view of it, read the Rex Morgan, MD, comic strips for the past couple of months - the mayor gets a diagnosis for cancer, wants to keep it within family. Next day, everyone in town knows about it. The source? Their daughter texted a few friends and created a Facebook page.

    You cannot expect any sort of privacy at all - expect someone to re-post, re-tweet or basically re-blog about something you said privately to the world. If you want ot keep it quiet, don't post it online, or set your Facebook settings so that everything is "Only me" (in which case, why not just use a diary?).

    Heck, we treat email with more potential for privacy invasion (and shun any attempts at trying to add "privacy" settings), but Facebook postings are exactly the same. You may think you're speaking only with your friends, but they aren't bound to keep stuff secret, and if you have more than a set of close buddies, you can bet someone may try to repost something.

    Once it's hit the Internet and readable by anyone else other than you, assume the whole Internet can read it. It's just like the Facebook locations thing, too. Just because you don't enable it, and you prevent others from enabling it, doesn't mean the information can't leak out. ("I'm here with opposabledumbs!" *Facebook check in*).

    Most people don't have the same regard for the privacy of your information as you do. You may want something to be strictly between you and your friends, but your friends may decide there's no harm in posting what you said to THEIR friends. The best way to prevent it, is to not post it. Keep that in mind next time you want to spread some gossip around and realize you're just doing what everyone else on Facebook is doing. Or why some people request that nothing be posted on sites like Facebook (weddings, birth of child, etc).

  19. Re:Before people start in on MS..... on Microsoft Outlines Windows Phone 7 Kill Switch · · Score: 1, Interesting

    I believe the Apple iPhone kill switch isn't that comprehensive to begin with. Firstly, the "kill switch" was located in CoreLocation, so any app not using GPS would be ineffective. It was designed more to deny GPS services to rogue applications than anything as location data is considered extremely sensitive and private.

    Of course, there's probably another more general kill switch around, but Apple seems reluctant to use it. They could easily prevent jailbreaking this way using the kill switch.

    But it is a good point - either Apple's screening process is foolproof (for nearly 300,000 times?), or they really haven't bothered at all - preferring to remove apps from the marketplace than to forcibly remove apps.

  20. Re:An other encryption disaster ? on Gigabit Wireless Will Link Smartphones To TVs · · Score: 1

    I wonder how much overhead all this nonsensical encryption adds.

    None at all. Most HDCP implementations are done in hardware. Last I looked you can get HDMI transmitters and HDMI receiver chips with built-in HDCP engines, and the keys and everything are built in too. You can query a register to figure out if HDCP is active or not, but for the most part, the encryption is handled purely in hardware.

    And there's no real need for new keys - they can do it, but capturing video this way is highly inefficient, and you're not gaining much since you could've just used the HDCP-enabled DVI or HDMI connection to far better effect than having to deal with wireless (where frames can be distorted and lost and you're relying on interference levels to be steady).

  21. Re:A bit bulky eh? on iPad Serial-Port Adapter Previewed · · Score: 2, Interesting

    I'm not much on the iPad aspect, but serial ports in general are still ubiquitous in datacenters. For all the madness of pinout jumbles and baud rates, it's among the most simple circuits an embedded device or facility can have that can output sufficiently rich data for initial configuration and emergency situations. Even when booting linux on a server and you want a text-based console (e.g. for logging), nothing is as robust as a serial connection.

    Now you can propose any number of 'modern' alternatives using USB or Ethernet signalling, but nothing has the degree of 'near impossible to screw up' that a simple serial controller has and serial can push 115200 easy, good enough for any manual ASCII based interaction and even a lot of programattic interaction, though the latter really should be done using network after usng the serial to unscrew up what went wrong.

    And those alternatives suck badly.

    USB? Guess what, unless it's a bog-standard USB-serial adapter built in (FTDI, Prolific or other common one), you're gonna march into a data center, stick your USB cable in, and get "Insert driver CD" or somesuch nonsense sooner or later. Not to mention the manufacturer has provide Linux/Windows/MacOS X drivers. And those drivers will always be too old, because the equipment will run until it's obsolete, and there won't be drivers for Windows 8, Lion or Linux 2.8.

    Ethernet - great, so I need to find out why it dies and have to reconfigure my network stack to the IP or other strange protocol that the device wants.

    Serial sticks around because it really just works. At slow enough speeds (9600) USB adapters work fine and your laptop/etc can be pre-loaded with the necessary adapters. Or you just plug it straight in. Sure you need to know the configuration, but any decent admin would've put it on a label. If not, there's only really 4 speeds to test - 9600, 38400, 57600, 115200 that would cover pretty much 99.99% of the devices out there. And modern embedded UARTs are often autobaud.

    Plus a serial port is dead-simple to program from the startup assembly code. Initialize the UART (fixed configuration), then just write to the base address to output a character. USB and Ethernet, not so much.

  22. Re:Hopefully... on Firesheep Author Reflects On Wild Week · · Score: 1

    ...after this and the whole Google fiasco, manufacturers will take a hint and make WPA encryption mandatory. You can't realistically expect users to know how to configure this stuff and it doesn't actually cost the company anything extra.

    They do, actually. Most routers and hardware support "secure easy setup" type one-click security. Sure you often have to buy equipment from one manufacturer, but that's just incentive to do it and to show how to do it.

    It's extremely popular if you consider how many routers have that function used (you can usually tell by the SSID). Of course, you do give up a lot of control when using it (limited number of clients configured this way, almost impossible to do a manual configuration, etc), but it's there and usually there's pages in the printed guides about using it.

  23. Re:I'm sitting this one out on 'Cellphone Effect' Could Skew Polling Predictions · · Score: 1

    At the very least, vote and spoil your ballot or write-in.

    Not voting is treated the same as voting for whoever wins - you didn't care enough otherwise to bother voting, thus you're happy with whoever wins.

    It's also why I believe that anything that deals with elections and voting (recalls and such) should be done only amongst those who voted - those who don't vote, don't get a chance to complain and must live with it. Even voting blank counts as something (You couldn't find anyone to vote). If you're stumped, write in "none of the above".

    Does your vote count? Not really. But it's a protest vote, and if you can get more people to do same, it's far more useful. And it shows you voted.

    Voting is something many people died for, yet less than half the eligible population partakes in. People long for the ability to even do a vote. And hey, maybe "none of the above" can win.

  24. Re:But you can still get it, right? on Google Bans Sale of Android Spying App · · Score: 1

    Lockdown is becoming increasingly common in the Android phone world. Soon you may not have much of a choice. Are there any completely open android phones sold today aside from the Nexus One?

    Having dealt with handset manufacturers before, they regard things like xda-developers to be a major issue. Time and time again we hear from them "We don't want to be on xda-developers" and "We don't want xda-developers on us".

    So lockdown's happening, like it or not. The manufacturers want it, the carriers want it, and Google wants it (to help limit piracy). It's such that Android might be "open" in name only, purely to offer a bullet-point against the iPhone.

  25. Re:iPhone version? on Google Bans Sale of Android Spying App · · Score: 4, Insightful

    DLP Mobile also tried to sell the app on Apple's iPhone app store but was rejected.

    I doubt that. The iPhone walls off SMS messages from apps. Apple can't have rejected it - you can't write it.

    Sure you can. If it exists on the iPhone, you can weasel your way around and get at 'em. However, you're probably going to have to use enough private APIs and the like that you'll be rejected immediately for failing the static code test.

    Anyhow, it's not like Android doesn't warn you - isn't that widely approved "permission list" that it pops up going to tell you it has access to SMS and the like? (Even though in practice with Joe User, it fails miserably since Joe User doesn't read dialogs and such things just impede progress to their goal of playing with the app).

    Finally, I think it's an app that has been marketed truthfully. All this will do now is have other app developers embed such functionality into their apps now from all the news. Suddenly all those "2-factor bank SMS" things don't seem so secure anymore, do they?