Because of the US's stupid attitude towards terrorism, their allies (like my country) followed suit FOR NO OTHER REASON than to keep the US happy.
We've had worse terrorism, going on for longer, from much more dangerous and determined people. And we had none of this junk until the US decided to dictate what "wars" we should or should not get involved in.
I have the same ludicrous restrictions despite the fact that no such incident ever occurred on UK soil (and despite the fact that we had the Lockerbie bombing and all manner of IRA attacks DECADES earlier and never had to introduce shit like this for our security before).
The US has screwed my country's freedom. And then they wonder why other countries (like ones where they storm in, bomb the crap out of innocents, take out some terrorists - well, we assume those people they kidnapped to Guantanamo and never gave a fair trial and who are still there over 10 years later were terrorists - and then leave others to pick up the mess for years at an almost unbelievable expense) don't like them enough that their people attack them.
If your job is stupid, then YOU need to tell your boss.
We already are. And we're hassling you because it's so stupid. The next step in the chain is for you to hassle your boss.
I've yet to hear, say, the TSA go on strike over the ridiculous things they are being asked to do, and getting complaints from the public over.
You can't just say "We think it's stupid too, but we haven't told anyone." It's up to you to feedback to the appropriate management what a huge waste of time this is, and how much negative feeling it's generating.
"Sorry, mate, not my fault, just doing my job"... the phrase that will end the world.
A couple of dollars, per quarter, per user. From advertisting. Sure, there are users giving money to Facebook directly but - NOT ME. And not most people, obviously.
The money comes from advertisers. Do those advertisers make that money from users? Pretty much no. They might think that, but they aren't. We're not giving advertiser's money, lots more money than we are directly pumping into Facebook by buying in-game currency etc.
Someone else is. Businesses are. Whether they get a return on that is, like Google ad revenue, extremely hard to determine but incredibly unlikely for the majority of them.
And, like I say, if that's how they are using me to make money - I don't click on adverts, don't let ad referrals propagate back to sellers I was using anyway, and if they push too much (no way they are showing the average user enough adverts to justify a dollar from each of them per quarter) they will kill the business flat.
In case you haven't noticed - most places that spend money on advertising just don't see it back in increased revenue at all. Groupon can show you that. And almost every Facebook ad I see is small-fry Google-ad territory, where I doubt they even had enough free money to advertise in the first place, not "Coke" or "Pepsi" or "Microsoft" doing it.
*I'm* not paying for Facebook at all. Stupid advertisers that won't see their money back - ever - are. It doesn't mean that's not how Google are funded either. But the advertisers that have paid to get to me, and the things I do on Facebook, generate no money whatsoever - and certainly not once you count profit instead of revenue (income). Facebook is not free to run. And for sure I'm costing it more than a dollar per quarter.
But patent infringement is not inherent to Android alone.
If you make any kind of modern tablet device, the patents basically cover all models, all OS, etc. Kind of the idea of a patent rather than copyright.
As such, the patent issue is separate and unavoidable anyway, whether you're using someone else's code, your own code, or your own interpretation of their code. Or even just slapping Windows onto an tablet / smartphone-like device.
P.S. The Play Store EULA allows this. It only mentions "a device supplied with a version of Android" as the requirement to be licensed to use Play Store, last time I read it... I was that worried, I checked.
If they only tack it onto supported devices from manufacturer's playing ball, they don't have to worry about compatibility etc.
They distinguish, as it is, that my manky Galaxy Ace is not able to run apps that other phones / tablets are able to run. Hence they are already wasting a lot of my time when I go to an interesting app only to find it's not compatible.
Throw in fifty brands of cheap unofficial tablet and they have no way to test compatibility to that fine a degree. And when they want to obsolete a particular model / Android version it becomes much harder is the company isn't around any more (and / or kicks up a fuss when all their models stop being able to use the Play store).
It's all to do with manufacturer's agreements and clauses within them that give them an obligation to keep up to date with Android version, security problems, etc. I should imagine.
That said, there's pretty much nothing Android that you can't hack some version of the Play store onto, even if it's just manually getting an old Play Store APK file and installing it.
Google don't seem to "block" that, they just don't support it. I set up several brands of cheap tablet onto Play Store for my former employer and it still lets you install Store apps, Google Apps for Domains, etc. and it quite obviously recognises what the device is (it sucks off the manufacturer name from the tablet presumably) and knows it's not a model that Play Store was ever bundled with.
Was their data concerning a website they visited collected without their knowledge? If the article is right, almost certainly.
Was it analysed? Probably.
Were people then sneaking into the back garden going through their trash looking for Julian Assange? Probably not.
Nobody is saying that millions of people were observed to any great detail. What we're saying is that GCHQ et al were looking at data sent by visitors to a particular website covertly. All visitors. Foreign and domestic. Without their knowledge.
If I did that, it'd be a breach of the Data Protection Act at the very minimum. Apparently they are "allowed" to, whether officially or not. But it's pretty certain that they intercepted data intended for a sensitive website without the website/viewers consent.
How much of a problem that is is a matter of interpretation.
If nothing else, this just adds more weight to the "let's anonymise, encrypt and obscure everything" argument.
By a certain definition, the War On Terror was - itself - terrorism. It's purpose was basically stated as making "terrorism" so scary to contemplate based on a threat of violence and economic destruction, that people wouldn't do it.
It "worked" (for a certain definition of that word) only because the majority of places decided not to stand against the biggest guy in the room. That works only until those places change their mind, get together, or that guy isn't so big any more. Did it stop the overall existence of terrorism? Not really. We just haven't had a similar scale of it recently, that's all.
Think "Swordfish". All it does is escalate the terrorism into meta-terrorism and meta-meta-terrorism. Like an argument with your kid brother - left unsupervised it'll turn to blows, which will be reciprocated until someone is so hurt they are afraid to fight back because it'll hurt more (until... well... they see a weak spot, or decide it doesn't hurt as much as it used to, etc.).
Terrorists aren't a "thing". They don't have a little Terrorist gene that switches on at puberty. They don't come from certain ethnic minorities or religions. They don't live in certain countries or use certain tactics.
Terrorism is a type of threat. Anyone can make such a threat, or receive it. Give me your wallet or I'll punch you is "terrorism".
As such, the War on Terror was even more laughable (if such a stupidly huge impact on the world can be considered laughable at all). It's like having a war on naughtiness. Or even a war on wars.
The Dambusters could be construed as terrorists. The D-Day landers. Even the planes that dropped propoganda into Nazi Germany to scare people into submission.
It all very much depends which side of the terror you are on. And the problem is that EVERYONE always thinks they are on the "right" side, even of their own terrorism.
So is Guantanamo Bay. Quite clearly and obviously.
The question (which has no answer for the likes of you and me) is: What the hell do you expect others to do about it?
Read the next paragraph about Guantanamo, or about spying privacy violations. Tell me where it would differ:
"For sure, I hoped my country would at least condemn such actions. They didn't. Wars have been started over less. Nothing happened. We've sanctioned countries because of less. No such thing occurred. 'We' got it onto the news, into other media, made people aware. Still going on. The people protested about it. No change in legislation or international relations. It's been a long time since the initial news broke. Still happening, just the same."
So what's the difference? I can protest. I can complain to an MP. I can make a fuss and get in the news. But, to be honest, what precisely is going to make a government stop such things? Nothing at the moment. If these revelations aren't big enough to cause turbulence in international watchdogs, the UN, our allies, etc. then what would be?
Fact is, all I can do is whinge about it. Hell, even if they target me specifically, there's almost nothing I can do and I'd have to be just about the most superhuman person to come out the other end as a victor, having escaped their clutches, shown them up in the media, proven that they acted without cause, and won the majority of the populous to my side etc.
There is no solution that does not involve creating an entity with even more power, even more secrecy that's even less accountable.
My having an account is not going to turn into a guilt-trip to make me think I'm funding idiocy like this. Facebook isn't worth what its share prices say its worth, any more than WhatsApp is worth anything even APPROACHING a billion, let alone 19 of them. But it's not my fault.
If someone is stupid enough to give Facebook / Whatsapp this kind of money, it's certainly not someone like me. If they are paying that to try to reach me, more fool them. If you don't notice, you'd be BETTER OFF giving everyone on Facebook, say, £100 and asking them to spend it on your mate's products. It's literally that bad.
And trying to get even just my share of, say, $19bn out of my Facebook account will almost certainly end up in me terminating it. Try putting more than a few ads on the Facebook page and I'm off. As it is the "sponsored" updates are annoying me. You'll be lucky if Facebook's "income" from any one person is even pence, in terms of clicked ads etc., before you even count out costs they've incurred to Facebook.
And I can state with quite a high degree of certainty that all of the companies that have given Facebook money - none of that has come from me. I've never clicked on an ad, let alone the bollocks Facebook ads that can't even be bothered to read my interests that I've taken the time to put on my Facebook account. If they've paid to spam me, I haven't even noticed and if I do notice, I'm off. It's that simple.
But, actually, nobody has made me spend money with them by tapping into the information I provide Facebook at all. In fact, just the opposite. Spamming me for US-based VPS servers just because I have IT-related interest doesn't help a Brit like me at all - but Facebook gets so little other information from me (blocked referrers, et.c) that they have no way to monetise me anyway. They aren't driving me to Amazon to buy products or anything else. I have my family, some photos, a few companies that *I'VE* worked for, and that's about it. I'm infinitely more likely to complain about a company than praise them, so they aren't even getting "social" referrals.
If people are stupid enough to value WhatsApp / Facebook at those amounts, that's their problem - but there is no path, direct or indirect, from the money I spend on Facebook (zero) or WhatsApp (a single £0.69 / annum transaction to buy the app and I haven't even done that, my girlfriend has, to talk with her mates back home) or their affiliates and adverts (zero) to justify any such valuation whatsoever.
Sorry, but you need 27 billion "user-years" of subscriptions to make WhatsApp worth what this says it is. That's everyone on the entire planet buying it religiously for the next three years, and also assuming there is zero cost to provide such service levels at all. It's utter nonsense, and several orders of magnitude out - there are 320m daily active users of WhatsApp. Most of those are probably on the year's free subscription.
Let's call it even 500m people buying the app this year and it's STILL orders of magnitude out. And not even close to what will happen in 5-10 years. And not when Facebook attempt to "monetise" it further.
Sorry, but Facebook makes ZERO from me. If idiots want to pay them money in order to try to get ME to spend money, then well done Facebook. They have truly found a perfect business. But nobody's done that really, and certainly won't get their money's worth even if they did, and that's why Facebook isn't worth what these people claim it to be worth.
Ten-fifteen years ago there was a site called FriendsReunited in the UK. It's a "find your old classmates" kind of site. At its height it was valued and sold for prices in the hundreds of millions (at one point to ITV, a huge broadcaster). It was bigger than Facebook and the only go-to site for that kind of thing. Then it was sold for £5m just a few years later. Now it's virtually dead (because Facebook just walked in and su
I'm almost certainly on one of their lists somewhere then. Makes me feel kinda important.
- Mathematician and computer scientist. - Special personal interest in cryptography, peer-to-peer networking, etc. - Wikileaks visitor back in the early days. Not since the Julian Assange junk, though, it has to be said. Can't stand the guy. - I keep looking at MI5 / GCHQ jobs in the papers and on their website, and their online competitions, but far too peace-loving to actually apply to be one of them. That's gotta flag me for something, surely. - User of Tor, Bittorrent, Bitcoin, etc. - Anti-war. - Like to speak my mind on subjects like the treatment of Turing, why we deal with terrorists so stupidly (what we do that's stupid, what we don't do that's more sensible, and how a dedicated terrorist with the slightest bit of brain could do something much more scary and much more easily than trying to smuggle explosive liquids onto a plane), why America still has people in Guantanamo Bay without fair trial, etc. - Reader of Bruce Schneier, etc. - Always telling people about my mad father-in-law who's worked in Kuwait, the US, etc. and somehow manages to get thrown out of every country he goes to (hint: It's not advised to start a ballroom dancing class in a country where women and men aren't allowed to touch).
If they are even bothering to look at who goes on Wikileaks, I must have at least a little log file with some of my online movements in it somewhere for all of the above, surely. Gosh. I feel privileged. Wonder if anyone has even done background checks / political allegiance checks etc. on me.
That said... who cares. It's their job. The fact that I even KNOW about it (or the EFF does) means that they are more shit at it than they should be.
Let's assume they are right, and we're all going to die if we don't do something.
What the fuck would you like us to do, precisely? And is it going to be better or worse than not doing anything at all?*
Few people seem to have an answer to that question. Which means the "answer" is really "Do nothing, pump a bit more money into research".
There. That's our emergency response. Can we all shut up now?
(* I can't actually think of much worse things in the immediate future than, say, oil running low and becoming prohibitively expensive. That's going to have a MASSIVE impact on the way we all live our lives. People will *die* because they can't run motors, pumps, irrigate land, transport goods, etc. Maybe not in a first-world country, but elsewhere. So what, precisely, is the impact of - for instance - reducing our oil use, or putting prohibitive restrictions on emissions that greatly add to the cost of energy production, or any other reasonable measure? Nobody seems to know, nobody seems to even bother to work it out, and nobody yet knows if it will be better or worse than just polluting the atmosphere until we come up with something better).
So why not... just buy rapeseed... flavour it... and not buy this product?
Substitute "egg" in your recipes for "rapeseed and flavouring". Done.
If things were that simple, and this makes things "cheaper" than just using eggs, I think we'd have done this YEARS ago (manufacturer's and home-cooks).
My guess? It doesn't taste anything close to similar to eggs, and doesn't have anywhere near the cooking properties of eggs, and can't be used in place of eggs in any place where you couldn't have always just used a flavoured oil anyway.
Which is one of the reasons that I treat wireless networks as hostile in my home, and you have to log in via VPN even if you're connected to my wireless.
It's not hard. If you don't trust wireless, and you don't trust the Internet, treat them as the same thing.
I've gamed and accessed my home network using OpenVPN on every client (over wireless and remote) for as long as I've had wireless. No extra ping on any half-decent hardware, utter security and who cares if - as in my case - WEP is flawed and then replaced with flawed WPA and then replaced again?
I do not pay GBP30 for a game. I'd rather buy GBP30-worth of older games. On average, I'll get more value out of them even if there are a couple of stinkers in there.
Indie bundles are my bread-and-butter, provided the games are actually ones I've heard of or look half-decent. I can't stand "greenlight" or "debut" bundles filled with what should be freeware / beta crap. That sort of tat, I can get from anywhere on the net. But nearly the whole series of the Batman games and a couple of randoms thrown in, with Steam keys, for a few dollars? Please take my money.
Basically, I expect - at a minimum - 1 hour of play per GBP I've paid (about USD$2 ?). That's for a game that I find beautiful, amazing, fun, etc. The tat I take a punt on still needs to get near that for me to feel satisfied. And, obviously, quite a lot of games don't even get played for that hour.
The best games I've ever owned are quite literally into figures smaller than 1p (2 cents?) per hour. That's the standard you're competing against. Can't match that? Then I'd rather just play my existing games and not have to pay more money.
I'll go up to about GBP10 for a complete random game that looks fun that I've never heard of and is getting good reviews (from users, not magazines). I expect 10 hours of play out of it.
I will go up to about GBP30 only for real, huge, blockbuster, waiting-for-it-for-years, top-end titles that are going to rock my gaming world. The last was probably Half-life 2. The next will probably be Half-life 3. Because they basically earn that from me in the first few minutes of gameplay, and they are really the exception to the rule.
- What's on Steam
Steam availability is critical, but there are a few exceptions (mainly GOG.com). I don't have a single "gaming" PC, I move my games around. I do not "install" games, they do it themselves when I double-click them nowadays. I have one account I sign in to to get all my games, and all my games, savegames, settings, etc. are on that account.
Origin is a nightmare that I touched once and got bored waiting for a single game to download (literally tens-of-gigabytes of downloading, umpteen updates, restarts, etc. then more downloading before I could even see the main menu), then I deleted Origin - despite having about a dozen games on it from various bundles and duplicates I had.
GOG.com earns a place because it has one-click installers (for quite complex installs sometimes), the original untouched games, a single login and plain HTTP download of the games, no DRM, games you couldn't get elsewhere at the time, and cheap prices. And they don't spew crap across my computer.
GfWL doesn't exist to me except as a stupid requirement for a handful of Steam games that's slowly dying and being patched out of games, as far as I'm concerned.
Desura - a nice in-between of Steam and GOG.com. But the simple fact is that everything on my Desura account is either already on Steam or not something I'm interested in. I honestly don't think I've downloaded a single game from there, but with the indie bundles etc. I have probably a few dozen redeemed on my account there.
Anything else? Probably not interested. Can't even remember the last time I bought a physical PC game disk. Probably Half-life the original, whose CD-key I used to create my Steam account on the second day of Steam existing.
I was without a Windows PC for a while this year and gamed with Steam on Linux. It was great fun, and I was so glad of it. I have since remembered to fund games that I have that have Linux versions (on Steam or otherwise). Honestly, if it came to it, I'd game on Linux full-time quite happily. That only gives me Steam, Desura and GOG.com, really, and that matches perfectly to my Windows tastes.
- What's quick to pick up
In the same way that I don't have time to piss about installing games, I do not have the time to sit through entire games in a single sitting any more, nor to spend hours levell
That's the way I do things, too, but the critical first step is to secure the borders.
My usual home setup is actually:
Internet router (everything disabled and DMZ enabled so it merely pipes all traffic to next device without processing it, like a modem). - to - Router / firewall (which treats all external traffic as hostile). - to - Wireless AP and LAN (separate ports / numbering / VLAN)
But even there, the Wireless has client separation (so one dodgy PC on the wireless can't see another), it's treated as "untrusted" to all my client devices (so they are providing software firewall to all traffic too) and they actually VPN into the router/firewall to do everything. Not going to get stung by all that WEP/WPA/WPA2 junk going wrong, historically they just aren't secure enough and I don't trust them.
It blows people's minds that I can give them the wireless key and they STILL can't do anything while my computers (with their VPN keys) work just fine over it, and the performance impact is absolutely negligible even for gaming (it has to go through the same network devices anyway, and there are no more round-trips than normal, just a tiny bit of encryption at each end which on a modern machine isn't worth worrying about). I have guest wireless access which I can manually enable if people are over, and it obviously does nothing more than lets them talk out (not to the LAN).
The router/firewall is the only device "at risk" and I take great care to make it do as little processing as possible and to separate out the networks (wireless is, again, untrusted on that router but it can access the VPN port, LAN is "trusted" and all-cabled, the only external access is via the VPN port).
Almost no impact on my life past setup (have to install the VPN client and keys on a new computer - takes about a minute - and you're putting in WPA2 keys etc. at that stage anyway, so no big deal). The VPN auto-connects and verifies the server whenever it's on the home wireless - I don't have to click anything at all. When an authenticated device is taken outside the home, the same VPN software can connect remotely with the same keys.
None of this MAC authentication crap - a MAC is too easily read and forged. You have to have my VPN keys (and hence, have been seen, verified and installed by me) to get anywhere. They are non-reversible, revokable, and can be limited in any number of ways (i.e. internal but not external access, external access but no file-sharing, etc.)
The setup of the whole thing I have redone every few years when I've moved house or whatever. It never takes very long. My girlfriend has zero problems with it - it all "just works" after a one-minute VPN client/key install. I game and don't notice any problems.
And yet, when you look at the junk in the logs that comes out of a single friend's wireless connection or bounces off from the Internet-side of things, it's scary.
Despite what you might think in the modern day, exposing things to the Internet unnecessarily is still just asking for problems. Especially things with firmware rather than regularly- and automatically-updated software.
Yes, we all run websites. Yes, we have RDS and VPN and all kinds of clever technology. And, yes, I'm sure you "keep it up to date" and have 28-digit passwords.
But that doesn't change the fact that the connection that comes into your business/home is "hostile". It receives rogue packets and attacks 24 hours a day whether you know it or not. In fact, it's kind of a credit to most firewalls how LITTLE you actually notice coming down the line because it's just handling all the obvious attacks and scans all the time.
But every port you open, everything you expose past your firewall (and even your firewall can be a problem if it's not good enough to handle unusual packets like a lot of ADSL routers that crash if they get too many connections or large packets, etc.) is a risk. Honestly. It's a risk.
If you buy some cheap piece of commodity hardware and port-forward direct to it on the standard ports, you are relying on the security of that device to keep intruders out - not your firewall.
If it's some cheap router, or some crappy CCTV PVR or a games console or even just a test experiment or network switch or something else in your home, then you are relying on THAT to be a secure gateway from attacks from the Internet. And guess what, the weakest link in the chain will be the first exploited.
Please, before you go exposing this crap to the general Internet, limit its damage potential. Don't put it on your local network, but a VLAN of some kind. Don't forward every port. Don't have things like UPnP enabled (which is just automated, authentication-less port-forwarding). Put some authentication on it. Don't rely on some web interface knocked up by a foreign CCTV manufacturer, intended as a GUI for the local network to be as trusted as your firewall.
Similarly, don't let these cheap, shit ADSL routers to be exposed to the general Internet while having all your personal files on them (and presumably running Samba, Bonjour, FTP, all kinds of shit to the local network to let you access them). Just... don't.
You want to do this kind of thing? Use the VPN functions and make sure you keep on top of their updates and security. They will allow you to join the local network remotely, and that local network can be as insecure as you like with this cheap shit dangling off it unauthenticated if you like, as your VPN access can be secured, logged, audited and checked quite easily.
Don't allow some piece of firmware junk, probably written in some C/Perl CGI/PHP that hasn't been updated since the day it started working enough to be saleable, to be your public face and guardian on the Internet.
The principle applies all the way up too. Don't put AD controllers on the visible Internet. Don't let your public RDS server be the same as your DC or even on the same VLAN. Don't run IIS exposed to the world for some crappy HP utility, or external page.
Do what those weird old tech guys used to do for decades and limit your exposure at all times. Sandboxing, VLAN'ing, permissioning, auditing. And, in the extreme, run a server OUTSIDE your home for this kind of shit. Seriously, VPS and cloud server with large storage allocations are cheap as chips nowadays. And they are kept up to date for you. And if someone compromises them, you have someone to blame AND you can be sure they haven't popped onto your home network and downloaded everything off your private laptop too.
If some random consumer buys this crap and gets attacked, that's their problem. This is a site for damn geeks, though. We should know this kind of stuff. We should be advising against this kind of stuff. I should be able to nmap any one of you, at home or at work, and come up with nothing but a handful of secured ports running the latest software (if any
And, let's face it, he probably had a lot of time to sit and do not much else.
A new amateur astronomer nowadays would probably get bored around the hour mark.
Like they say about the constellations and the ancients' observations of the stars - there probably wasn't much else to do at night and the sky is quite pretty and interesting.
It's not like Windows where you basically are expected to run everything as one user, create a Steam user which you can only "su" to from certain other users, and then set up a script to automatically make it run Steam only as a user that has access to nothing but Steam.
But to be honest what's the point? What precisely are they going to do with the hash of a domain name that you looked up, not even visited? The bans are not going to be based on that information. You can't ban someone just because they strayed or were enticed into looking up a domain that might host a cheat, only if they actually use those cheats.
I reckon they are using it to find similar users and spot trends more than anything else. If a load of confirmed cheaters all have the same hash in their history, but not most people, then its likely that it's worth looking into other user's with that same hash (or at least taking it into account when someone reports a new cheat).
I'm a Steam fan, it has to be said, but while them looking at my domain history concerns me, they are at least hashing them and they have a full browser in the Steam client. If they want to track my visits, that's infinitely more worrying and does all sorts of cookie stuff (alright, you have to be running Steam and using their browser to visit whatever, but that's still much more info than the hash of a domain I looked up).
Also, in case you hadn't noticed, the name of domains you looked up all go to your DNS server. If that's not a local one, you're already pushing this information in plain text across the Internet. Please tell me that you're not using Google or OpenDNS before you came to whine on this post.
Plus, even aside from all the above, there is no real evidence that they are actually transmitting or collecting this information. Someone's just gone into the new anti-cheat modules with a disassembler and seen something suspicious. Doesn't mean that it's even enabled, or not test code. Nobody has yet seen it actually do this stuff (and what would it take? Wireshark and five minutes?).
If you're using DNSSEC exclusively, didn't read the Steam agreement, are running as a completely unprivileged user (without even access to the name cache, on Linux, presumably?), and can confirm that what is alleged is actually happening, then maybe you have a case to be miffed.
Otherwise? I have bigger privacy worries every time I send an email.
P.S. Damn lameness filter, what the hell are you seeing?
Sorry, but don't talk rubbish. A £100 (so $200 at best) Celestron reflector will show your kids Jupiter, Saturn, individual craters on Mars, come with tripod, EQ mount and a range of eyepieces. An extra $50 or so and you can get a kit of cheap eyepieces and a barlow in a nice Celestron-branded kit.
You'll see rings on Saturn quite clearly, you'll see the stripes in the atmosphere of Jupiter. I know, I've done it. And inside London, from my backyard (with streetlights and near major roads and cities, and with houses around, in front of and behind me). Damn, I can't even see the Milky Way or more than the Plough on even the clearest night with the naked eye but a simple 75mm reflector with cheap eyepieces will perform wonders.
Scale down and even the cheapest scope will get a kid interested if it's done right. Hell, I had a crowd of adults around my telescope when I dug it out at my last dinner party and we only aimed it at the Moon (and people were going back for second, third, fourth goes at it with other eyepieces).
I hate people who think you have to spend thousands of dollars on ANYTHING in order to enjoy it as an amateur. If anything, people like YOU put off amateurs more than a cheap Galileo-themed telescope that won't quite pick out individual aliens on extra-solar worlds.
As someone who's just got into telescopes themselves after years of my brother casually using a telescope worth more than my car (he's an astrophysicist, though, so that's his game) I was bought a relatively cheap amateur one.
I was quite surprised, in modern times, to be able to see Jupiter's clouds and Saturn rings quite clearly within only a few hours of learning how to use the damn thing and picking targets by eye (none of this Go-To crap), in my backyard, in the crowded suburbs of London, with streetlights only a few meters away, on a pseudo-clear night. And I didn't have RA motors or even proper polar alignment, I was literally just chasing the brightest dots around the sky manually to look at them.
I know astronomy was "easier" for the ancients and for Galileo-era astronomers without such hurdles, but I had always assumed that they pretty much were cancelled out by the poor quality of the optics back then. But I was quite amazed to be able to clearly see, with a £100 scope and the default eyepieces, such detail wobbling in front of me because of the heat of the atmosphere near me.
And even photographing them was much easier than I was led to believe (though I really need to polar-align and get my brand-new RA motor set up so I can do longer exposures).
Honestly, I thought it would be so much harder, hearing for years from well-known astronomers like Sir Patrick Moore, etc. how much the cities destroyed the night sky. I'm sure they do. I'm sure that I *should* be able to see the Milky Way unaided. But, damn, a tiny £100 Newtonian with its supplied cheap mount and eyepieces can do wonders.
I'm not claiming some great feat of astronomy, I'm sure this hasn't really been a shock to anyone who was interested in amateur astronomy before me. But I'm also sure Galileo saw quite clearly a lot of things that were always visible and easy to record, just maybe not always surface detail and rings (which I'm sure he would have thought were there, even if it was just on the edge of his brain supplying that brief glimpse of the whole object through his imperfect lenses and low magnification scope against the shimmering atmosphere and movement of his equipment).
I have a page on my website (warning: long and boring) where I show my first-ever (and worst) images taken through my scope. Sure, it's a 70mm aperture, but I can't imagine that Galileo was seeing that much worse, but maybe distorted and more "lucky" good shots as it went into the smooth parts of his optics.
He might have had to spend years with craftsmen and glass-blowing skills, honing his devices, but I'm pretty sure he would have been able to see almost as much as anyone can - even modern city-dwellers - with just a cheap scope.
When I can go to a paintball place and play "CS". Take a fake gun, run over a real terrain that I can see in the virtual world, and my "shots" register as if they were real and take players out of the game once they are "dead" in-game.
Once we get to that level of head-tracking, arm-tracking, freedom-of-movement (i.e. running around in an arena / studio / forest and having the VR know exactly where we are and overlay the virtual world accordingly, thus allowing me to only camp on some high perch if I can physically get there myself), virtual-overlay-over-real-world, and convincing colour/resolution/graphics then I'll consider it proper VR.
Fact is, we were decades off that years ago and we're still decades off it now. Back in the Quake days, I was saying that someone really needs to set up a cyber-cafe type place, with the equivalent of a paintball "arena" inside it (make it bland, or green-screen, or filled with tracking dots, just make it cheap and let the VR fill in the gaps), and - back then - one of those huge stupid VR headsets on your head so you look like the kids from Knightmare running around. Hell, even for Quake-era graphics we'd still struggle to make it convincing even today (even if you mapped perfectly the arena into the virtual world).
The problems of VR are not simple computing problems. It's much more about ergonomics, persistence-of-vision, instantaneous feedback, movement through 3D space, miniaturisation and precise tracking than anything to do with the software you actually run.
And, of course, some obvious things:
- a flat 2D surface in front of your eyes is *not* like a 3D world when your eye tracks (no matter how close it gets). It does not "curve" the same way. So now you need a tiny, bright, hi-res, portable, low-power FLEXIBLE display too which doesn't distort the image too much. Oh, two of them.
- You cannot place g-forces on the user that they aren't creating themselves (so lots of fancy flight sims are nice, but you still need to be in a seat that moves you about)
- Being moved upside-down can only really be replicated by being moved ALMOST all the way upside-down. It's hard to cheat, in a local gravity field, without interfering with the internals of people's ears. (Maybe when we get to space? But then who wants VR when you're in space?!).
- When you solve all these problems, there's still not much call for it except for gaming. You're again limited to what the human body can do whereas before you were, well, able to do whatever the software let you. Imagine Minecraft VR... it'd be the most boring day out in the world (and I actually quite like Minecraft). I can remember back in the 80's, towns in the UK would commission VR walkthroughs of new shopping centres etc. and use the old VR headsets to show people. Last time I saw one? The 80's. How old is something like VRML? Netscape 2.0 (remember the days of places giving you "3D flythroughs" of their new buildings?).
It's not that we couldn't do this before, it's that we gave up because it wasn't commercially viable for a long time because nobody was buying it. I don't doubt we can make it more viable, but whether it'll be mainstream? That's a seriously long way into the future. I've yet to see a Google Glass user, let alone an Oculus Rift user. Anyone remember the Nintendo VR attempt - Virtual Boy? No? Probably a reason for that?
I'm quite happy that Valve are buying into the Oculus Rift and pushing it forward as it's undoubtedly the closest to a consumer VR tech that we have. But we're a long way off it being anything more than a Wiimote-like gimmick.
Multiple hours perusing pictures, measurements taken, etc.
One full house survey by a professional paid to represent my interests.
One full house survey by a professional paid to represent my mortgage companies interests.
Numerous agents to find a house that met the criteria in the first place.
Several lawyers representing my interests at all points (including legally sound paperwork and things like the double-glazing not having been fitted by a FENSA-registered fitter, which we then paid into an "insurance" to protect ourselves for).
Three separate neighbourhood checks (driving around at end of school day, end of work day, late at night) to spot potential problems.
Check into planning changes in a 5 mile radius (required by law)
Check on land ownership and boundaries, with diagrams (required by law)
Check on utility and sewage flow, with diagrams and liabilities clearly highlighted (required by law)
Check on the energy usage of the house (required by law)
Cars:
Vehicle check by law (MOT).
Additional vehicle check for thefts etc.
Roadworthiness report by my father.
Test drive by myself.
Test drive by my girlfriend.
Legal document with previous owner's name and address (by law) should I need to take it back.
(And I guarantee you my car costs less than an iPhone!).
And, to be honest, I'm not even that rigorous. I've seen people do a lot more for a lot less.
And how do you think a house is comparable? Other people taking my house for a test, or similar houses in the road and asking their opinion? No.
A car? You can be damn sure I knew what exactly model I was buying (no Peugeots, no Citroens, no Toyotas), and it was secondhand so I was even more rigorous. But with a brand-new car? You can be damn sure I'd be Googling for reviews by people who bought the model before I touched it.
Just because you're an idiot, don't assume everyone else is.
Slashdot Mirror
Worse for me.
Because of the US's stupid attitude towards terrorism, their allies (like my country) followed suit FOR NO OTHER REASON than to keep the US happy.
We've had worse terrorism, going on for longer, from much more dangerous and determined people. And we had none of this junk until the US decided to dictate what "wars" we should or should not get involved in.
I have the same ludicrous restrictions despite the fact that no such incident ever occurred on UK soil (and despite the fact that we had the Lockerbie bombing and all manner of IRA attacks DECADES earlier and never had to introduce shit like this for our security before).
The US has screwed my country's freedom. And then they wonder why other countries (like ones where they storm in, bomb the crap out of innocents, take out some terrorists - well, we assume those people they kidnapped to Guantanamo and never gave a fair trial and who are still there over 10 years later were terrorists - and then leave others to pick up the mess for years at an almost unbelievable expense) don't like them enough that their people attack them.
If your job is stupid, then YOU need to tell your boss.
We already are. And we're hassling you because it's so stupid. The next step in the chain is for you to hassle your boss.
I've yet to hear, say, the TSA go on strike over the ridiculous things they are being asked to do, and getting complaints from the public over.
You can't just say "We think it's stupid too, but we haven't told anyone." It's up to you to feedback to the appropriate management what a huge waste of time this is, and how much negative feeling it's generating.
"Sorry, mate, not my fault, just doing my job"... the phrase that will end the world.
A couple of dollars, per quarter, per user. From advertisting. Sure, there are users giving money to Facebook directly but - NOT ME. And not most people, obviously.
http://venturebeat.com/2013/10...
The money comes from advertisers. Do those advertisers make that money from users? Pretty much no. They might think that, but they aren't. We're not giving advertiser's money, lots more money than we are directly pumping into Facebook by buying in-game currency etc.
Someone else is. Businesses are. Whether they get a return on that is, like Google ad revenue, extremely hard to determine but incredibly unlikely for the majority of them.
And, like I say, if that's how they are using me to make money - I don't click on adverts, don't let ad referrals propagate back to sellers I was using anyway, and if they push too much (no way they are showing the average user enough adverts to justify a dollar from each of them per quarter) they will kill the business flat.
In case you haven't noticed - most places that spend money on advertising just don't see it back in increased revenue at all. Groupon can show you that. And almost every Facebook ad I see is small-fry Google-ad territory, where I doubt they even had enough free money to advertise in the first place, not "Coke" or "Pepsi" or "Microsoft" doing it.
*I'm* not paying for Facebook at all. Stupid advertisers that won't see their money back - ever - are. It doesn't mean that's not how Google are funded either. But the advertisers that have paid to get to me, and the things I do on Facebook, generate no money whatsoever - and certainly not once you count profit instead of revenue (income). Facebook is not free to run. And for sure I'm costing it more than a dollar per quarter.
But patent infringement is not inherent to Android alone.
If you make any kind of modern tablet device, the patents basically cover all models, all OS, etc. Kind of the idea of a patent rather than copyright.
As such, the patent issue is separate and unavoidable anyway, whether you're using someone else's code, your own code, or your own interpretation of their code. Or even just slapping Windows onto an tablet / smartphone-like device.
P.S. The Play Store EULA allows this. It only mentions "a device supplied with a version of Android" as the requirement to be licensed to use Play Store, last time I read it... I was that worried, I checked.
Support I should think.
If they only tack it onto supported devices from manufacturer's playing ball, they don't have to worry about compatibility etc.
They distinguish, as it is, that my manky Galaxy Ace is not able to run apps that other phones / tablets are able to run. Hence they are already wasting a lot of my time when I go to an interesting app only to find it's not compatible.
Throw in fifty brands of cheap unofficial tablet and they have no way to test compatibility to that fine a degree. And when they want to obsolete a particular model / Android version it becomes much harder is the company isn't around any more (and / or kicks up a fuss when all their models stop being able to use the Play store).
It's all to do with manufacturer's agreements and clauses within them that give them an obligation to keep up to date with Android version, security problems, etc. I should imagine.
That said, there's pretty much nothing Android that you can't hack some version of the Play store onto, even if it's just manually getting an old Play Store APK file and installing it.
Google don't seem to "block" that, they just don't support it. I set up several brands of cheap tablet onto Play Store for my former employer and it still lets you install Store apps, Google Apps for Domains, etc. and it quite obviously recognises what the device is (it sucks off the manufacturer name from the tablet presumably) and knows it's not a model that Play Store was ever bundled with.
Depends on what you mean by targeted.
Was their data concerning a website they visited collected without their knowledge? If the article is right, almost certainly.
Was it analysed? Probably.
Were people then sneaking into the back garden going through their trash looking for Julian Assange? Probably not.
Nobody is saying that millions of people were observed to any great detail. What we're saying is that GCHQ et al were looking at data sent by visitors to a particular website covertly. All visitors. Foreign and domestic. Without their knowledge.
If I did that, it'd be a breach of the Data Protection Act at the very minimum. Apparently they are "allowed" to, whether officially or not. But it's pretty certain that they intercepted data intended for a sensitive website without the website/viewers consent.
How much of a problem that is is a matter of interpretation.
If nothing else, this just adds more weight to the "let's anonymise, encrypt and obscure everything" argument.
By a certain definition, the War On Terror was - itself - terrorism. It's purpose was basically stated as making "terrorism" so scary to contemplate based on a threat of violence and economic destruction, that people wouldn't do it.
It "worked" (for a certain definition of that word) only because the majority of places decided not to stand against the biggest guy in the room. That works only until those places change their mind, get together, or that guy isn't so big any more. Did it stop the overall existence of terrorism? Not really. We just haven't had a similar scale of it recently, that's all.
Think "Swordfish". All it does is escalate the terrorism into meta-terrorism and meta-meta-terrorism. Like an argument with your kid brother - left unsupervised it'll turn to blows, which will be reciprocated until someone is so hurt they are afraid to fight back because it'll hurt more (until... well... they see a weak spot, or decide it doesn't hurt as much as it used to, etc.).
Terrorists aren't a "thing". They don't have a little Terrorist gene that switches on at puberty. They don't come from certain ethnic minorities or religions. They don't live in certain countries or use certain tactics.
Terrorism is a type of threat. Anyone can make such a threat, or receive it. Give me your wallet or I'll punch you is "terrorism".
As such, the War on Terror was even more laughable (if such a stupidly huge impact on the world can be considered laughable at all). It's like having a war on naughtiness. Or even a war on wars.
The Dambusters could be construed as terrorists.
The D-Day landers.
Even the planes that dropped propoganda into Nazi Germany to scare people into submission.
It all very much depends which side of the terror you are on. And the problem is that EVERYONE always thinks they are on the "right" side, even of their own terrorism.
So is Guantanamo Bay. Quite clearly and obviously.
The question (which has no answer for the likes of you and me) is: What the hell do you expect others to do about it?
Read the next paragraph about Guantanamo, or about spying privacy violations. Tell me where it would differ:
"For sure, I hoped my country would at least condemn such actions. They didn't. Wars have been started over less. Nothing happened. We've sanctioned countries because of less. No such thing occurred. 'We' got it onto the news, into other media, made people aware. Still going on. The people protested about it. No change in legislation or international relations. It's been a long time since the initial news broke. Still happening, just the same."
So what's the difference? I can protest. I can complain to an MP. I can make a fuss and get in the news. But, to be honest, what precisely is going to make a government stop such things? Nothing at the moment. If these revelations aren't big enough to cause turbulence in international watchdogs, the UN, our allies, etc. then what would be?
Fact is, all I can do is whinge about it. Hell, even if they target me specifically, there's almost nothing I can do and I'd have to be just about the most superhuman person to come out the other end as a victor, having escaped their clutches, shown them up in the media, proven that they acted without cause, and won the majority of the populous to my side etc.
There is no solution that does not involve creating an entity with even more power, even more secrecy that's even less accountable.
Sorry, but I've given Facebook precisely zip.
My having an account is not going to turn into a guilt-trip to make me think I'm funding idiocy like this. Facebook isn't worth what its share prices say its worth, any more than WhatsApp is worth anything even APPROACHING a billion, let alone 19 of them. But it's not my fault.
If someone is stupid enough to give Facebook / Whatsapp this kind of money, it's certainly not someone like me. If they are paying that to try to reach me, more fool them. If you don't notice, you'd be BETTER OFF giving everyone on Facebook, say, £100 and asking them to spend it on your mate's products. It's literally that bad.
And trying to get even just my share of, say, $19bn out of my Facebook account will almost certainly end up in me terminating it. Try putting more than a few ads on the Facebook page and I'm off. As it is the "sponsored" updates are annoying me. You'll be lucky if Facebook's "income" from any one person is even pence, in terms of clicked ads etc., before you even count out costs they've incurred to Facebook.
And I can state with quite a high degree of certainty that all of the companies that have given Facebook money - none of that has come from me. I've never clicked on an ad, let alone the bollocks Facebook ads that can't even be bothered to read my interests that I've taken the time to put on my Facebook account. If they've paid to spam me, I haven't even noticed and if I do notice, I'm off. It's that simple.
But, actually, nobody has made me spend money with them by tapping into the information I provide Facebook at all. In fact, just the opposite. Spamming me for US-based VPS servers just because I have IT-related interest doesn't help a Brit like me at all - but Facebook gets so little other information from me (blocked referrers, et.c) that they have no way to monetise me anyway. They aren't driving me to Amazon to buy products or anything else. I have my family, some photos, a few companies that *I'VE* worked for, and that's about it. I'm infinitely more likely to complain about a company than praise them, so they aren't even getting "social" referrals.
If people are stupid enough to value WhatsApp / Facebook at those amounts, that's their problem - but there is no path, direct or indirect, from the money I spend on Facebook (zero) or WhatsApp (a single £0.69 / annum transaction to buy the app and I haven't even done that, my girlfriend has, to talk with her mates back home) or their affiliates and adverts (zero) to justify any such valuation whatsoever.
Sorry, but you need 27 billion "user-years" of subscriptions to make WhatsApp worth what this says it is. That's everyone on the entire planet buying it religiously for the next three years, and also assuming there is zero cost to provide such service levels at all. It's utter nonsense, and several orders of magnitude out - there are 320m daily active users of WhatsApp. Most of those are probably on the year's free subscription.
Let's call it even 500m people buying the app this year and it's STILL orders of magnitude out. And not even close to what will happen in 5-10 years. And not when Facebook attempt to "monetise" it further.
Sorry, but Facebook makes ZERO from me. If idiots want to pay them money in order to try to get ME to spend money, then well done Facebook. They have truly found a perfect business. But nobody's done that really, and certainly won't get their money's worth even if they did, and that's why Facebook isn't worth what these people claim it to be worth.
Ten-fifteen years ago there was a site called FriendsReunited in the UK. It's a "find your old classmates" kind of site. At its height it was valued and sold for prices in the hundreds of millions (at one point to ITV, a huge broadcaster). It was bigger than Facebook and the only go-to site for that kind of thing. Then it was sold for £5m just a few years later. Now it's virtually dead (because Facebook just walked in and su
I'm almost certainly on one of their lists somewhere then. Makes me feel kinda important.
- Mathematician and computer scientist.
- Special personal interest in cryptography, peer-to-peer networking, etc.
- Wikileaks visitor back in the early days. Not since the Julian Assange junk, though, it has to be said. Can't stand the guy.
- I keep looking at MI5 / GCHQ jobs in the papers and on their website, and their online competitions, but far too peace-loving to actually apply to be one of them. That's gotta flag me for something, surely.
- User of Tor, Bittorrent, Bitcoin, etc.
- Anti-war.
- Like to speak my mind on subjects like the treatment of Turing, why we deal with terrorists so stupidly (what we do that's stupid, what we don't do that's more sensible, and how a dedicated terrorist with the slightest bit of brain could do something much more scary and much more easily than trying to smuggle explosive liquids onto a plane), why America still has people in Guantanamo Bay without fair trial, etc.
- Reader of Bruce Schneier, etc.
- Always telling people about my mad father-in-law who's worked in Kuwait, the US, etc. and somehow manages to get thrown out of every country he goes to (hint: It's not advised to start a ballroom dancing class in a country where women and men aren't allowed to touch).
If they are even bothering to look at who goes on Wikileaks, I must have at least a little log file with some of my online movements in it somewhere for all of the above, surely. Gosh. I feel privileged. Wonder if anyone has even done background checks / political allegiance checks etc. on me.
That said... who cares. It's their job. The fact that I even KNOW about it (or the EFF does) means that they are more shit at it than they should be.
My biggest problem?
Let's assume they are right, and we're all going to die if we don't do something.
What the fuck would you like us to do, precisely? And is it going to be better or worse than not doing anything at all?*
Few people seem to have an answer to that question. Which means the "answer" is really "Do nothing, pump a bit more money into research".
There. That's our emergency response. Can we all shut up now?
(* I can't actually think of much worse things in the immediate future than, say, oil running low and becoming prohibitively expensive. That's going to have a MASSIVE impact on the way we all live our lives. People will *die* because they can't run motors, pumps, irrigate land, transport goods, etc. Maybe not in a first-world country, but elsewhere. So what, precisely, is the impact of - for instance - reducing our oil use, or putting prohibitive restrictions on emissions that greatly add to the cost of energy production, or any other reasonable measure? Nobody seems to know, nobody seems to even bother to work it out, and nobody yet knows if it will be better or worse than just polluting the atmosphere until we come up with something better).
Okay, for those who don't see it.
You're trying to sell me flavoured rapeseed.
So why not... just buy rapeseed... flavour it... and not buy this product?
Substitute "egg" in your recipes for "rapeseed and flavouring". Done.
If things were that simple, and this makes things "cheaper" than just using eggs, I think we'd have done this YEARS ago (manufacturer's and home-cooks).
My guess? It doesn't taste anything close to similar to eggs, and doesn't have anywhere near the cooking properties of eggs, and can't be used in place of eggs in any place where you couldn't have always just used a flavoured oil anyway.
Which is one of the reasons that I treat wireless networks as hostile in my home, and you have to log in via VPN even if you're connected to my wireless.
It's not hard. If you don't trust wireless, and you don't trust the Internet, treat them as the same thing.
I've gamed and accessed my home network using OpenVPN on every client (over wireless and remote) for as long as I've had wireless. No extra ping on any half-decent hardware, utter security and who cares if - as in my case - WEP is flawed and then replaced with flawed WPA and then replaced again?
It's flavoured rapeseed oil, then.
Lovely.
- What's cheap.
I do not pay GBP30 for a game. I'd rather buy GBP30-worth of older games. On average, I'll get more value out of them even if there are a couple of stinkers in there.
Indie bundles are my bread-and-butter, provided the games are actually ones I've heard of or look half-decent. I can't stand "greenlight" or "debut" bundles filled with what should be freeware / beta crap. That sort of tat, I can get from anywhere on the net. But nearly the whole series of the Batman games and a couple of randoms thrown in, with Steam keys, for a few dollars? Please take my money.
Basically, I expect - at a minimum - 1 hour of play per GBP I've paid (about USD$2 ?). That's for a game that I find beautiful, amazing, fun, etc. The tat I take a punt on still needs to get near that for me to feel satisfied. And, obviously, quite a lot of games don't even get played for that hour.
The best games I've ever owned are quite literally into figures smaller than 1p (2 cents?) per hour. That's the standard you're competing against. Can't match that? Then I'd rather just play my existing games and not have to pay more money.
I'll go up to about GBP10 for a complete random game that looks fun that I've never heard of and is getting good reviews (from users, not magazines). I expect 10 hours of play out of it.
I will go up to about GBP30 only for real, huge, blockbuster, waiting-for-it-for-years, top-end titles that are going to rock my gaming world. The last was probably Half-life 2. The next will probably be Half-life 3. Because they basically earn that from me in the first few minutes of gameplay, and they are really the exception to the rule.
- What's on Steam
Steam availability is critical, but there are a few exceptions (mainly GOG.com). I don't have a single "gaming" PC, I move my games around. I do not "install" games, they do it themselves when I double-click them nowadays. I have one account I sign in to to get all my games, and all my games, savegames, settings, etc. are on that account.
Origin is a nightmare that I touched once and got bored waiting for a single game to download (literally tens-of-gigabytes of downloading, umpteen updates, restarts, etc. then more downloading before I could even see the main menu), then I deleted Origin - despite having about a dozen games on it from various bundles and duplicates I had.
GOG.com earns a place because it has one-click installers (for quite complex installs sometimes), the original untouched games, a single login and plain HTTP download of the games, no DRM, games you couldn't get elsewhere at the time, and cheap prices. And they don't spew crap across my computer.
GfWL doesn't exist to me except as a stupid requirement for a handful of Steam games that's slowly dying and being patched out of games, as far as I'm concerned.
Desura - a nice in-between of Steam and GOG.com. But the simple fact is that everything on my Desura account is either already on Steam or not something I'm interested in. I honestly don't think I've downloaded a single game from there, but with the indie bundles etc. I have probably a few dozen redeemed on my account there.
Anything else? Probably not interested. Can't even remember the last time I bought a physical PC game disk. Probably Half-life the original, whose CD-key I used to create my Steam account on the second day of Steam existing.
I was without a Windows PC for a while this year and gamed with Steam on Linux. It was great fun, and I was so glad of it. I have since remembered to fund games that I have that have Linux versions (on Steam or otherwise). Honestly, if it came to it, I'd game on Linux full-time quite happily. That only gives me Steam, Desura and GOG.com, really, and that matches perfectly to my Windows tastes.
- What's quick to pick up
In the same way that I don't have time to piss about installing games, I do not have the time to sit through entire games in a single sitting any more, nor to spend hours levell
That's the way I do things, too, but the critical first step is to secure the borders.
My usual home setup is actually:
Internet router (everything disabled and DMZ enabled so it merely pipes all traffic to next device without processing it, like a modem).
- to -
Router / firewall (which treats all external traffic as hostile).
- to -
Wireless AP and LAN (separate ports / numbering / VLAN)
But even there, the Wireless has client separation (so one dodgy PC on the wireless can't see another), it's treated as "untrusted" to all my client devices (so they are providing software firewall to all traffic too) and they actually VPN into the router/firewall to do everything. Not going to get stung by all that WEP/WPA/WPA2 junk going wrong, historically they just aren't secure enough and I don't trust them.
It blows people's minds that I can give them the wireless key and they STILL can't do anything while my computers (with their VPN keys) work just fine over it, and the performance impact is absolutely negligible even for gaming (it has to go through the same network devices anyway, and there are no more round-trips than normal, just a tiny bit of encryption at each end which on a modern machine isn't worth worrying about). I have guest wireless access which I can manually enable if people are over, and it obviously does nothing more than lets them talk out (not to the LAN).
The router/firewall is the only device "at risk" and I take great care to make it do as little processing as possible and to separate out the networks (wireless is, again, untrusted on that router but it can access the VPN port, LAN is "trusted" and all-cabled, the only external access is via the VPN port).
Almost no impact on my life past setup (have to install the VPN client and keys on a new computer - takes about a minute - and you're putting in WPA2 keys etc. at that stage anyway, so no big deal). The VPN auto-connects and verifies the server whenever it's on the home wireless - I don't have to click anything at all. When an authenticated device is taken outside the home, the same VPN software can connect remotely with the same keys.
None of this MAC authentication crap - a MAC is too easily read and forged. You have to have my VPN keys (and hence, have been seen, verified and installed by me) to get anywhere. They are non-reversible, revokable, and can be limited in any number of ways (i.e. internal but not external access, external access but no file-sharing, etc.)
The setup of the whole thing I have redone every few years when I've moved house or whatever. It never takes very long. My girlfriend has zero problems with it - it all "just works" after a one-minute VPN client/key install. I game and don't notice any problems.
And yet, when you look at the junk in the logs that comes out of a single friend's wireless connection or bounces off from the Internet-side of things, it's scary.
Dear IT People,
Despite what you might think in the modern day, exposing things to the Internet unnecessarily is still just asking for problems. Especially things with firmware rather than regularly- and automatically-updated software.
Yes, we all run websites. Yes, we have RDS and VPN and all kinds of clever technology. And, yes, I'm sure you "keep it up to date" and have 28-digit passwords.
But that doesn't change the fact that the connection that comes into your business/home is "hostile". It receives rogue packets and attacks 24 hours a day whether you know it or not. In fact, it's kind of a credit to most firewalls how LITTLE you actually notice coming down the line because it's just handling all the obvious attacks and scans all the time.
But every port you open, everything you expose past your firewall (and even your firewall can be a problem if it's not good enough to handle unusual packets like a lot of ADSL routers that crash if they get too many connections or large packets, etc.) is a risk. Honestly. It's a risk.
If you buy some cheap piece of commodity hardware and port-forward direct to it on the standard ports, you are relying on the security of that device to keep intruders out - not your firewall.
If it's some cheap router, or some crappy CCTV PVR or a games console or even just a test experiment or network switch or something else in your home, then you are relying on THAT to be a secure gateway from attacks from the Internet. And guess what, the weakest link in the chain will be the first exploited.
Please, before you go exposing this crap to the general Internet, limit its damage potential. Don't put it on your local network, but a VLAN of some kind. Don't forward every port. Don't have things like UPnP enabled (which is just automated, authentication-less port-forwarding). Put some authentication on it. Don't rely on some web interface knocked up by a foreign CCTV manufacturer, intended as a GUI for the local network to be as trusted as your firewall.
Similarly, don't let these cheap, shit ADSL routers to be exposed to the general Internet while having all your personal files on them (and presumably running Samba, Bonjour, FTP, all kinds of shit to the local network to let you access them). Just... don't.
You want to do this kind of thing? Use the VPN functions and make sure you keep on top of their updates and security. They will allow you to join the local network remotely, and that local network can be as insecure as you like with this cheap shit dangling off it unauthenticated if you like, as your VPN access can be secured, logged, audited and checked quite easily.
Don't allow some piece of firmware junk, probably written in some C/Perl CGI/PHP that hasn't been updated since the day it started working enough to be saleable, to be your public face and guardian on the Internet.
The principle applies all the way up too. Don't put AD controllers on the visible Internet. Don't let your public RDS server be the same as your DC or even on the same VLAN. Don't run IIS exposed to the world for some crappy HP utility, or external page.
Do what those weird old tech guys used to do for decades and limit your exposure at all times. Sandboxing, VLAN'ing, permissioning, auditing. And, in the extreme, run a server OUTSIDE your home for this kind of shit. Seriously, VPS and cloud server with large storage allocations are cheap as chips nowadays. And they are kept up to date for you. And if someone compromises them, you have someone to blame AND you can be sure they haven't popped onto your home network and downloaded everything off your private laptop too.
If some random consumer buys this crap and gets attacked, that's their problem. This is a site for damn geeks, though. We should know this kind of stuff. We should be advising against this kind of stuff. I should be able to nmap any one of you, at home or at work, and come up with nothing but a handful of secured ports running the latest software (if any
Precisely.
And, let's face it, he probably had a lot of time to sit and do not much else.
A new amateur astronomer nowadays would probably get bored around the hour mark.
Like they say about the constellations and the ancients' observations of the stars - there probably wasn't much else to do at night and the sky is quite pretty and interesting.
Why not just run Steam as a different user?
It's not like Windows where you basically are expected to run everything as one user, create a Steam user which you can only "su" to from certain other users, and then set up a script to automatically make it run Steam only as a user that has access to nothing but Steam.
But to be honest what's the point? What precisely are they going to do with the hash of a domain name that you looked up, not even visited? The bans are not going to be based on that information. You can't ban someone just because they strayed or were enticed into looking up a domain that might host a cheat, only if they actually use those cheats.
I reckon they are using it to find similar users and spot trends more than anything else. If a load of confirmed cheaters all have the same hash in their history, but not most people, then its likely that it's worth looking into other user's with that same hash (or at least taking it into account when someone reports a new cheat).
I'm a Steam fan, it has to be said, but while them looking at my domain history concerns me, they are at least hashing them and they have a full browser in the Steam client. If they want to track my visits, that's infinitely more worrying and does all sorts of cookie stuff (alright, you have to be running Steam and using their browser to visit whatever, but that's still much more info than the hash of a domain I looked up).
Also, in case you hadn't noticed, the name of domains you looked up all go to your DNS server. If that's not a local one, you're already pushing this information in plain text across the Internet. Please tell me that you're not using Google or OpenDNS before you came to whine on this post.
Plus, even aside from all the above, there is no real evidence that they are actually transmitting or collecting this information. Someone's just gone into the new anti-cheat modules with a disassembler and seen something suspicious. Doesn't mean that it's even enabled, or not test code. Nobody has yet seen it actually do this stuff (and what would it take? Wireshark and five minutes?).
If you're using DNSSEC exclusively, didn't read the Steam agreement, are running as a completely unprivileged user (without even access to the name cache, on Linux, presumably?), and can confirm that what is alleged is actually happening, then maybe you have a case to be miffed.
Otherwise? I have bigger privacy worries every time I send an email.
P.S. Damn lameness filter, what the hell are you seeing?
Mars should read "Moon"... I edited the sentence in Preview and it got messed up.
Elitest git.
Sorry, but don't talk rubbish. A £100 (so $200 at best) Celestron reflector will show your kids Jupiter, Saturn, individual craters on Mars, come with tripod, EQ mount and a range of eyepieces. An extra $50 or so and you can get a kit of cheap eyepieces and a barlow in a nice Celestron-branded kit.
You'll see rings on Saturn quite clearly, you'll see the stripes in the atmosphere of Jupiter. I know, I've done it. And inside London, from my backyard (with streetlights and near major roads and cities, and with houses around, in front of and behind me). Damn, I can't even see the Milky Way or more than the Plough on even the clearest night with the naked eye but a simple 75mm reflector with cheap eyepieces will perform wonders.
Scale down and even the cheapest scope will get a kid interested if it's done right. Hell, I had a crowd of adults around my telescope when I dug it out at my last dinner party and we only aimed it at the Moon (and people were going back for second, third, fourth goes at it with other eyepieces).
I hate people who think you have to spend thousands of dollars on ANYTHING in order to enjoy it as an amateur. If anything, people like YOU put off amateurs more than a cheap Galileo-themed telescope that won't quite pick out individual aliens on extra-solar worlds.
I would find this interesting.
As someone who's just got into telescopes themselves after years of my brother casually using a telescope worth more than my car (he's an astrophysicist, though, so that's his game) I was bought a relatively cheap amateur one.
I was quite surprised, in modern times, to be able to see Jupiter's clouds and Saturn rings quite clearly within only a few hours of learning how to use the damn thing and picking targets by eye (none of this Go-To crap), in my backyard, in the crowded suburbs of London, with streetlights only a few meters away, on a pseudo-clear night. And I didn't have RA motors or even proper polar alignment, I was literally just chasing the brightest dots around the sky manually to look at them.
I know astronomy was "easier" for the ancients and for Galileo-era astronomers without such hurdles, but I had always assumed that they pretty much were cancelled out by the poor quality of the optics back then. But I was quite amazed to be able to clearly see, with a £100 scope and the default eyepieces, such detail wobbling in front of me because of the heat of the atmosphere near me.
And even photographing them was much easier than I was led to believe (though I really need to polar-align and get my brand-new RA motor set up so I can do longer exposures).
Honestly, I thought it would be so much harder, hearing for years from well-known astronomers like Sir Patrick Moore, etc. how much the cities destroyed the night sky. I'm sure they do. I'm sure that I *should* be able to see the Milky Way unaided. But, damn, a tiny £100 Newtonian with its supplied cheap mount and eyepieces can do wonders.
I'm not claiming some great feat of astronomy, I'm sure this hasn't really been a shock to anyone who was interested in amateur astronomy before me. But I'm also sure Galileo saw quite clearly a lot of things that were always visible and easy to record, just maybe not always surface detail and rings (which I'm sure he would have thought were there, even if it was just on the edge of his brain supplying that brief glimpse of the whole object through his imperfect lenses and low magnification scope against the shimmering atmosphere and movement of his equipment).
I have a page on my website (warning: long and boring) where I show my first-ever (and worst) images taken through my scope. Sure, it's a 70mm aperture, but I can't imagine that Galileo was seeing that much worse, but maybe distorted and more "lucky" good shots as it went into the smooth parts of his optics.
He might have had to spend years with craftsmen and glass-blowing skills, honing his devices, but I'm pretty sure he would have been able to see almost as much as anyone can - even modern city-dwellers - with just a cheap scope.
I have set my lower threshold for VR:
When I can go to a paintball place and play "CS". Take a fake gun, run over a real terrain that I can see in the virtual world, and my "shots" register as if they were real and take players out of the game once they are "dead" in-game.
Once we get to that level of head-tracking, arm-tracking, freedom-of-movement (i.e. running around in an arena / studio / forest and having the VR know exactly where we are and overlay the virtual world accordingly, thus allowing me to only camp on some high perch if I can physically get there myself), virtual-overlay-over-real-world, and convincing colour/resolution/graphics then I'll consider it proper VR.
Fact is, we were decades off that years ago and we're still decades off it now. Back in the Quake days, I was saying that someone really needs to set up a cyber-cafe type place, with the equivalent of a paintball "arena" inside it (make it bland, or green-screen, or filled with tracking dots, just make it cheap and let the VR fill in the gaps), and - back then - one of those huge stupid VR headsets on your head so you look like the kids from Knightmare running around. Hell, even for Quake-era graphics we'd still struggle to make it convincing even today (even if you mapped perfectly the arena into the virtual world).
The problems of VR are not simple computing problems. It's much more about ergonomics, persistence-of-vision, instantaneous feedback, movement through 3D space, miniaturisation and precise tracking than anything to do with the software you actually run.
And, of course, some obvious things:
- a flat 2D surface in front of your eyes is *not* like a 3D world when your eye tracks (no matter how close it gets). It does not "curve" the same way. So now you need a tiny, bright, hi-res, portable, low-power FLEXIBLE display too which doesn't distort the image too much. Oh, two of them.
- You cannot place g-forces on the user that they aren't creating themselves (so lots of fancy flight sims are nice, but you still need to be in a seat that moves you about)
- Being moved upside-down can only really be replicated by being moved ALMOST all the way upside-down. It's hard to cheat, in a local gravity field, without interfering with the internals of people's ears. (Maybe when we get to space? But then who wants VR when you're in space?!).
- When you solve all these problems, there's still not much call for it except for gaming. You're again limited to what the human body can do whereas before you were, well, able to do whatever the software let you. Imagine Minecraft VR... it'd be the most boring day out in the world (and I actually quite like Minecraft). I can remember back in the 80's, towns in the UK would commission VR walkthroughs of new shopping centres etc. and use the old VR headsets to show people. Last time I saw one? The 80's. How old is something like VRML? Netscape 2.0 (remember the days of places giving you "3D flythroughs" of their new buildings?).
It's not that we couldn't do this before, it's that we gave up because it wasn't commercially viable for a long time because nobody was buying it. I don't doubt we can make it more viable, but whether it'll be mainstream? That's a seriously long way into the future. I've yet to see a Google Glass user, let alone an Oculus Rift user. Anyone remember the Nintendo VR attempt - Virtual Boy? No? Probably a reason for that?
I'm quite happy that Valve are buying into the Oculus Rift and pushing it forward as it's undoubtedly the closest to a consumer VR tech that we have. But we're a long way off it being anything more than a Wiimote-like gimmick.
Houses:
Two visits, both 30+ minutes each.
Multiple hours perusing pictures, measurements taken, etc.
One full house survey by a professional paid to represent my interests.
One full house survey by a professional paid to represent my mortgage companies interests.
Numerous agents to find a house that met the criteria in the first place.
Several lawyers representing my interests at all points (including legally sound paperwork and things like the double-glazing not having been fitted by a FENSA-registered fitter, which we then paid into an "insurance" to protect ourselves for).
Three separate neighbourhood checks (driving around at end of school day, end of work day, late at night) to spot potential problems.
Check into planning changes in a 5 mile radius (required by law)
Check on land ownership and boundaries, with diagrams (required by law)
Check on utility and sewage flow, with diagrams and liabilities clearly highlighted (required by law)
Check on the energy usage of the house (required by law)
Cars:
Vehicle check by law (MOT).
Additional vehicle check for thefts etc.
Roadworthiness report by my father.
Test drive by myself.
Test drive by my girlfriend.
Legal document with previous owner's name and address (by law) should I need to take it back.
(And I guarantee you my car costs less than an iPhone!).
And, to be honest, I'm not even that rigorous. I've seen people do a lot more for a lot less.
And how do you think a house is comparable? Other people taking my house for a test, or similar houses in the road and asking their opinion? No.
A car? You can be damn sure I knew what exactly model I was buying (no Peugeots, no Citroens, no Toyotas), and it was secondhand so I was even more rigorous. But with a brand-new car? You can be damn sure I'd be Googling for reviews by people who bought the model before I touched it.
Just because you're an idiot, don't assume everyone else is.