How sure are you that the passcode on the phone can't be broken? I'm sure the iPhone-cracking firm that helped the FBI would rather you were using a device like that than just an encrypted file sitting on anything else.
Surely encryption with an algorithm of your choice is better than having to deal with a vendor-chosen encryption on a device they can control?
P.S. Nobody has yet demonstrated a break of any of the current supported encryption methods. If you can't rely on them for this, you also can't rely on ANYTHING encrypted anyway - e.g. Tor, banking, etc.
P.P.S. There's paranoia, and then there's just being silly.
If I wanted to smuggle 16GB of data into the UK, I'd buy one of the many VPN providers that offer services in just about every country in the world, then upload it anonymously and encrypted from a cybercafe computer to some local service (e.g. a local Google or whatever equivalent), via that encrypted channel.
And then only providing the password to decrypt it when I actually got to the other end myself.
- I'm carrying nothing, no data, no electronics.
- There's no record linking me to that file.
- Anyone who reads it in transit is going to be very disappointed.
- I can pick it up wherever and whenever I like.
But then, I actually have a clue what I'm doing when it comes to IT, which apparently suspected terrorists aren't capable of (if you think like border security personnel).
And a phone is quite easily compromised and unlocked, as the whole iPhone unlocking debacle confirmed - and you have to actively refuse to co-operate or they could just copy your entire phone memory which (despite all the freedoms we enjoy) is suspicious at least.
Upload it to the cloud / rented server / throwaway email. Access it from the other end. Decrypt it offline. Anything else, and you're really at the amateur end anyway, e.g. people trying to hide emails proving they are going to work contrary to their visa, not major terrorists emailing around plans for an attack.
I have precisely three drivers listed in my WDS driver packages.
One is for an IBM BladeCenter SAS RAID controller that blue-screens with the default Windows one (so all the blades have to start using that driver from the very first boot or they will blue-screen, even if you push updates later).
Two for gigabit-network cards that aren't covered by plain Windows install disk / WDS installs (purely to kick-start them being able to get out to Windows Update and download a better driver and let them PXE properly in the first place - nothing worse than PXE-boot from BIOS into WDS that then can't progress as it can't talk to the network).
Anything else is just bundled junk. And it's much better to find out that device X doesn't have a good driver freely available for all OS on day one of purchase, than years down the line when you're forced to upgrade and the supplier has no interest any more.
Literally, hundreds of machines, dozens of models and makes, and one F12 PXE boot will install them all to user's satisfaction from just bundled Windows drivers and Windows Update to support all hardware internally. Webcam, SATA controllers, display adaptors, SD card readers, USB 3.0 hubs, wireless, etc. etc.
My images are also tiny because of it - no bundled junk, or sound-card-taskbar-apps and the like. Plain Windows, standard software, imaged and done. And it also means that you can pull a disk, put it in ANY OTHER MACHINE on site and it will just work as it will pick up all the drivers for the new hardware.
FFT even an audio signal of the beat, or light-level through the finger or whatever.
Produce some simple stat on the regularity and speed of the heartbeat from that data.
Use that number to establish a limit, to use as a diagnostic against those who are medically diagnosed with such conditions.
Apply that limit to Yes/No answer.
If it got WORSE than 97% accuracy, I'd be surprised. If it took more than a handful of code coupled with an audio/camera and FFT library, I'd be amazed. The processing power required would be pathetic.
Whether or not it would actually BE USEFUL as a diagnostic device with that kind of accuracy? That's another matter entirely.
However, if we were to have taken the $110 billion (adjusted for today's money) that Apollo cost, and just put it into semiconductors and materials, would the US have gotten more out of it even if it couldn't have put a man up there? The fact we haven't been back for 50 years does tell you something about the practicality of doing that very thing that we knew even back then.
Similarly, if we took the money that's going into solar, put it into nuclear, and suffered the lost-jobs of even using entirely outside labour for doing such things, would Germany be better or worse off? I'm pretty sure the difference could easily be spent on fixing an awful lot of other "environmental crimes".
You can achieve almost anything if you're willing to throw enough money and people at it.
From the Great Pyramids to putting a man on the moon.
The question to ask is not "Did these people want something and do it?" but "Was what they wanted practical and sensible?"
They are entirely different questions.
I could run a country from AA batteries, if I'm allowed to tax everyone and use government money to do it, and people get behind the idea. Whether that's sensible or sustainable is another matter entirely.
I still don't see how paying people to deliver some highly variable trickles of electricity back to "the grid" is in any way efficient.
Subsidising people to do so was necessary to start it, precisely because of this, and they quickly disappeared.
I'm not sure how you can justify, quite literally, paying people for - potentially - ONE SINGLE UNIT of electricity if they're using up everything they want to, at an odd voltage, which has to be stepped-up, phase-shifted, transported back to the grid in a measured manner etc.
The only way it works is that the subsidies were at one stage cheaper than the associated "fine" for not doing environmentally-friendly things. These are all artificial measures. We're paying people to do things so we don't get into trouble, not because they're feeding back useful stuff.
Sure, en-masse it works. It always would to an extent. It generates employment, support industries, land taxes, etc. etc. but everything in-between and quite a chunk of it is goodwill payments rather than actual practical cost of electricity.
And you're expecting the energy companies to "co-operate" when you're destroying their business by farming out their job to some guy with a shed and a panel.
Eventually, the energy price rises caused by the business effect of shutting down nuclear, etc. and forcing them to clean everyone's pittances of electricity and feed them back to the grid AND PAY THEM for it will just cause massive inflation in the market.
And when they no longer want to run the backups, you will lose them and have nothing to fall back on (or the fallback will cost you a fortune because it's not used very often but has to be always-available).
Currently, people are paying to be green, via subsidies (i.e. from taxes), increased prices (e.g. importing energy, etc.) or otherwise.
Public has *read and write* permission for anybody in the CREATOR OWNER and INTERACTIVE groups. The latter includes any logged-in user account. So anyone can potentially read the keystrokes of the admin who sat on the machine before them ten years ago while setting up the machine, even if they don't have - and never have had - permission to even install software on a machine.
That's not "non-story".
Installing software that can read the keyboard even when not focused requires a bit more than that. And even a keylogger device on the hardware wouldn't capture HISTORICAL keylogs of the users before you plugged it in.
And no system, human or technical, realised that new bank details were being entered for multiple accounts that all then requested refunds? I would hazard that some of those accounts might even have been the same.
But your system didn't detect a pattern of "change bank details", "request refund", etc.
That said, I would question why screenshots were possible - if indeed we are talking about proper screenshots rather than just taking a photo with his phone (which would presumably attract a bit more attention).
If he did this from the work PC, you have serious failings - he's sending emails from work (presumably on an unblocked personal account) with screenshots of personal data.
If he's holding his phone up to the screen and clicking on a regular basis? That's just as bad.
The next question I have is why is the agent allowed to see the details, rather than just get prompted for security details? Why is there a page where they just see everything, rather than go through the same set of questions on the system that they would need to ask the customer? And if the answers aren't on display in front of him, but he has to type them in and let the system authorise whatever it is he's doing (e.g. I imagine changing bank details requires at least customer, account numbers, etc.), then a screenshot is basically useless.
Least privilege principle. The agent doesn't need the other information on the customer unless he's specifically asked for it - in which case the request is recorded and you'd be able to see "Oh, Employee A requested Customer X, Customer Y and Customer Z's account numbers on all three occasions that those bank details were changed and then the customer complained."
If I ran a call-centre, I would literally have PCs with encrypted data over serial consoles (no general purpose operating system access at all). There's no need for even a GUI. And every phone call would go through a list of options for the operative. They would see no information, but be prompted for the user details that they have to prompt for anyway. The system would prompt, the operative would relay the prompt and answer, the system would decide whether to grant access to the next FUNCTION (not just a screen full of customer data). Every keypress recorded in tandem with the call they're dealing with (storage is dirt cheap for such things, hell most schools record every phone call nowadays, let alone a call centre dealing with millions of pounds of product/service sales).
If you need to check, say, the customer's email to let them know what one they used to sign up, you request it. The system returns a masked copy. If in doubt, you just request a change of email for the customer to ensure the one they want to use is the one that's entered in the system. If there's no change (i.e. you entered the same email as the system already has), the system can know that what you were asking is much less suspicious.
If a function is risky (changing bank details), there's still no way for the operative to screenshot, and it might even need the mythical, never-present "supervisor" to press a button on his computer to authorise a change too. If your boss has to know you're doing it, authorise it and/or be in cahoots with it, then you're much less likely to even try.
Anything really complex that does require the full customer record (like what? I can't imagine)? Done in a recorded full-access session available only on the supervisor's authorisation and kept rare deliberately.
This also automatically fulfills your data protection requirements as none of the people or computers have access to any information that's not required for their job. Literally, their job requires no more information than the system ever gives them.
You then have the need (which is present anyway) to ban pen, paper, smartphones, etc. while working.
And no minimum-wage prat can steal your customer database, spam every customer email, pull off stuff like this anywhere near as easily, disrupt the syste
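The "change bank details" then "request refund" pattern, the reused destination account, and the per-employee request log described in the comment above can be checked mechanically over an audit trail. This is an added example, not part of the original comment; the event names, agents, accounts and the 48-hour window are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit events (not real data): time, agent, customer, action, detail.
# For "change_bank_details" the detail is the newly entered destination account.
EVENTS = [
    ("2017-03-01T09:02", "agent_a", "cust_x", "view_account_number", ""),
    ("2017-03-01T09:05", "agent_a", "cust_x", "change_bank_details", "acct_111"),
    ("2017-03-01T09:20", "agent_a", "cust_x", "request_refund", ""),
    ("2017-03-01T10:00", "agent_b", "cust_w", "change_email", ""),
    ("2017-03-02T11:10", "agent_a", "cust_y", "view_account_number", ""),
    ("2017-03-02T11:12", "agent_a", "cust_y", "change_bank_details", "acct_111"),
    ("2017-03-02T11:40", "agent_c", "cust_y", "request_refund", ""),
    ("2017-03-03T14:00", "agent_b", "cust_v", "change_bank_details", "acct_222"),
    ("2017-03-04T08:30", "agent_a", "cust_z", "view_account_number", ""),
    ("2017-03-04T08:31", "agent_a", "cust_z", "change_bank_details", "acct_333"),
    ("2017-03-04T16:00", "agent_a", "cust_z", "request_refund", ""),
    ("2017-03-20T09:00", "agent_b", "cust_v", "request_refund", ""),
]


def parse(events):
    """Convert timestamps and return the events in chronological order."""
    return sorted(
        (datetime.fromisoformat(ts), agent, cust, action, detail)
        for ts, agent, cust, action, detail in events
    )


def change_then_refund(events, window=timedelta(hours=48)):
    """Return (customer, changing_agent, new_account) for every refund
    request that follows a bank-detail change on the same customer
    within the window. The agent reported is the one who made the
    change, even if a different agent took the refund call."""
    last_change = {}
    hits = []
    for ts, agent, cust, action, detail in parse(events):
        if action == "change_bank_details":
            last_change[cust] = (ts, agent, detail)
        elif action == "request_refund" and cust in last_change:
            changed_at, changer, account = last_change[cust]
            if ts - changed_at <= window:
                hits.append((cust, changer, account))
    return hits


def shared_destinations(events):
    """Destination accounts that were entered for more than one customer."""
    seen = defaultdict(set)
    for _, _, cust, action, detail in parse(events):
        if action == "change_bank_details":
            seen[detail].add(cust)
    return {acct: sorted(custs) for acct, custs in seen.items() if len(custs) > 1}


def agents_to_review(events, min_cases=2):
    """Agents who made the bank-detail change in at least min_cases
    of the flagged change-then-refund sequences."""
    cases = defaultdict(set)
    for cust, changer, _ in change_then_refund(events):
        cases[changer].add(cust)
    return {a: sorted(c) for a, c in cases.items() if len(c) >= min_cases}


if __name__ == "__main__":
    for cust, changer, account in change_then_refund(EVENTS):
        print(f"ALERT {cust}: refund after bank change to {account} by {changer}")
    print("shared destinations:", shared_destinations(EVENTS))
    print("agents to review:", agents_to_review(EVENTS))
```
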
I'm not an expert. Nor do I care about the government out to get me. If they want me, it's quite easy to get me.
However... this would greatly affect my ability to travel. My laptop is my only saviour from the noisy, rude idiots around me, the cabin crew that want to CONSTANTLY interrupt me and make me do things, and the sheer boredom of many hours of sitting in a too-small seat that I have to disturb a stranger to move from.
Literally, you just removed my state-of-the-art entertainment system with movies, TV, radio, games, working environment, and replaced it with...? A pack of fucking cards, basically.
Already I would have to ensure my laptop had NO WORK MATERIAL WHATSOEVER to travel to the US. Literally, I would have to break EU law to comply with US law in that case. I would possibly be asked to give up details that literally no-one else on Earth has any need or just cause to know without requiring a warrant issued by a court.
And now you want to take the only vestige of being able to entertain myself away. This adds massive amount of stress to an incredibly boring journey, which can only be escaped by using functions which may well start to become pay-for (e.g. in-flight movies, loan of tablets and the like).
Literally, this kind of crap would eliminate air travel for me just from the UK to, say, France. I just wouldn't bother. I'd rather get in my car, take five times as long and drive it myself. I already hate the 2 hour flight to Italy because of all the crap associated with wanting to sit in a metal box and be in Italy in 2 hours time (which often requires 4 additional hours of travel, parking, bus from the parking to the terminal, getting in plenty of time before arrival, sitting around doing fuck all, collecting luggage, etc. etc. etc.).
I am by no means a stressed-out loon, but that kind of unnecessary crap drives me mad. If I had malicious intent, I could get on a train with the SAME NUMBER OF PEOPLE, with ALMOST ANY LUGGAGE THEY WANT (in any amount their car can carry, including the fuel tank), get enclosed in a similar metal box and still blow it to smithereens and kill the same amount of people and get the same amount of press... and not one bit of the same security theatre applies. The only thing I don't think you can carry in the Channel Tunnel (that's legal to have in the UK, at least) is an LPG car (LPG bottles are fine so long as they are stowed properly in the vehicle - another bit of bollocks that I do not understand).
I honestly don't give a shit that the terrorists built a bomb. That's what terrorists do. They put them in waste bins in London throughout the 80's. We removed waste bins. Now we have nowhere to throw fucking rubbish away. But people could still commit acts of terrorism.
The terrorists already won. We're like the kid in the playground who's worked out that if he doesn't bring in his ball, the bullies won't take it from him at break time. Well-fucking-done. How about we reclaim a bit of our dignity?
Every single "this could be made into a bomb" piece of crap from carrying little silly bottles in little silly plastic bags, to having my shoes scanned, to having to drink baby milk in front of a security officer to "prove" it's milk just makes me fucking hate people that think up the rules, tolerate them, and think we're somehow "winning" against the terrorists by "thwarting" their attacks.
Guess why there are so many different plots? Because every time you do something, we guard against that. And then people just go "Right, what next? Oh, look, laptops!". Now you have a new threat, massive expense on stupid rules and countermeasures, new crap to make people stand in queues for longer, new bollocks to make me hate my own government and country more for capitulating to it. And then all they do is say "Right... next up... let's put a bomb in a set of headphones."
This sort of crap puts me off domestic flights in my own country. I'd rather drive for 10 times as long than deal with this kind of shi
Large intersections, especially with more than the standard four directions, are the same kinds of size as an equivalent roundabout.
The UK has MUCH less space than the US, I assure you, and we have roundabouts everywhere.
Also, there's this thing called a mini-roundabout, for tiny junctions. It's basically a circle painted in the middle of a four-way intersection. Does the same job, just as effectively.
Even large roundabouts don't require bridges or nonsense, and where they do (e.g. large motorway intersection), you already need ramped sliproads and everything else anyway.
Go look at London. Our roads are tiny, they are surrounded by ancient buildings, the layouts are far from uniform, and there are thousands of roundabouts throughout.
They also require NO INFRASTRUCTURE. No power, no timing, no signals, no monitoring, no more servicing than any plain section of road. You paint a circle in the road, or plant a large circular lawn in a big junction. Done and finished.
Working in a school, I make enough (and it's a voluntary donation as far as I'm concerned) to tide me through the half-term holidays with tea and biscuits.
Yeah. You're a twat, who thinks that the bigger the number the better and you "can't possibly" do stuff with anything else.
I mean, seriously, did you even spend two fucking seconds thinking about it, given that one Google search and the first couple of Wikipedia articles show you how much rubbish you're talking?
I gave up trying to understand chip names and model numbers a long time ago.
GPUs and CPUs are the worst - I have absolutely no clue whether a particular number / model is better / worse than any other.
I let my suppliers deal with it - I tell them what I want, they send me a spec, I google to ensure the chip numbers do what I want in terms of core-speed, number of cores, etc.
It's not hard to come up with a sensible numbering / naming system, but if Intel didn't have a page for every chip that just says number of cores, speed, etc. then I'd have absolutely no clue. Changing it to colours isn't helping matters either - that just reeks of marketing where everyone thinks they need to have "Gold" rather than "Silver" when there's probably little gain for most people.
For the same reason, I stopped buying separate CPUs and motherboards many years ago and nowadays I don't even tend to buy PSUs etc. separately. Because the combination needs to be correct and I'm not going to waste my time and effort only to get it wrong.
Everything from CPU sockets, to PSU power draw (don't forget to check the 12V rail!), to PCIe speed, to card profile height - after a while it just gets so boring, and I'm paying people to supply me the gear, so I let them do the legwork.
But the situation for consumers is actually completely the flip of that. People ask me about buying laptops. I say "check it has the ports you want". No point paying a fortune for a laptop that doesn't have enough USB, and if you buy enough USB or whatever you want for it, it'll be fast enough to do what you want nowadays. Even the cheapest gaming laptops are stupendous in specification and able to play anything I have on my Steam account (if my 6-year-old laptop can do it, too!).
Don't care about the numbers, or the exact model of chip, or anything like that. If you want a cheapy thing just for office, buy a cheapy thing just for office. If you want a gamer's thing for high-end gaming, buy something that's pitched at gamers and comes with the Razer gaming mice or whatever. Pretty much, that's a better indicator than faffing with all the statistics - which although I could understand, nobody else does and I just don't have the time to be bothered to do the research.
Don't even get me started on "does AMD graphics card X perform better than nVidia graphics card Y?"
"So the decryption keys, the encrypted data, and the plaintext data are all published."
AND ONLY THE DECRYPTION KEY MATTERS. Read the OP, rather than try to backtrack.
Encrypted data? Doesn't matter. Plain-text data corresponding to it? Doesn't matter. Decryption algorithm? Doesn't matter.
Decryption KEY - matters. It's in every device, yes. But not necessarily accessible (e.g. similar to TPM devices - you'd have to decap the chip to discover the key and we have trouble enough doing that to 1990's arcade cabinets with pure ROM chips that are secured by basic techniques, let alone a 2010's TPM chip designed for nothing more than securely encrypting using a key that's programmed once and never revealed - nobody's broken any TPM chips yet, but they're in almost every PC on the planet even if they're not enabled).
But everything else you could publish the source code on github and put a thousand examples of encrypted and plaintexts on the Internet on anonymous FTP. And it *still* doesn't help you.
Not saying that DRM can ever be fully secured.
But the details of the encryption algorithm / known-plain-text stuff helping you out when the opponent is using a modern encryption scheme is absolute bollocks.
I'm afraid you don't understand encryption at all.
And this *isn't* encryption of data, so much as (attempted) encryption of transit.
Any encryption method, you can openly publish the decryption method and hardware. If you can't, it's no good.
What you *CAN'T* publish are the decryption keys. If you publish these, you are an idiot. CSS, AACS, etc. and pretty much all DRM schemes mis-use transport encryption by giving you the keys too, in some convoluted fashion. They are able to revoke keys, they are able to issue keys to manufacturers, but they are giving decryption keys to you. That's the problem, not the decryption device or decryption method.
Any encryption that cannot survive a known-plaintext attack is useless in the modern era. It's as simple as that. That's not how encryption has worked since the days of the Caesar cipher - even Enigma wasn't really that vulnerable to that because working out the key-settings for a known plaintext was computationally infeasible for the time. Don't believe every line in The Imitation Game ("Heil Hitler! Turns out that's the only German you need to know to break the code!").
So, no, what the problem is is not the encryption. It's the intended use. You give EVERY DEVICE MANUFACTURER a decryption key. Which you can revoke. But which millions of people share.
The reason for this is that otherwise you have to give every viewer a unique decryption key and give them unique copies of their disc, and encrypt data on-the-fly to them (because you can't store 6 billion differently-encrypted copies of the movie). And that just means that one guy has one key, and if he doesn't care about that key being later revoked, he can decrypt his own personal copy and problem solved.
AACS was a little bit more complicated, with all kinds of virtual machines checking state, and things like keys that were generically derivable if you have enough device keys (which means that nobody can trace who actually broke it or blacklist them).
But those are security-by-obscurity and inherent flaws of using encryption as DRM instead of its intended use.
But if you have an encryption scheme where you cannot publish the algorithm, or encrypted known plain-texts, you are very much back in the 60's (e.g. "Modern ciphers such as Advanced Encryption Standard are not currently known to be susceptible to known-plaintext attacks.")
I thought enable NPAPI doesn't do anything any more? NPAPI plugins have been dead since last year at least, and the forcible override options were deprecated.
Popup blocking? Okay, I can see that might be annoying.
Default browser check, I can see that interfering with things.
Disable GPU, sure for non-GPU machines.
But no sandbox just sounds dangerous.
And I can't see how half the stuff on there would work by default in 32 but not 64-bit versions.
"And note our method of accounting for simultaneous usage: If someone spends an hour watching TV (for example) and uses a smartphone to surf the web during the same hour, we count this as an hour of usage for each medium, and hence as 2 hours of total media time."
So if you watch a program and browse a website during the advert break, that counts twice (one hour each of TV and surfing for one hour)?
And if you browse 12 websites a day, one an hour for a fraction of a second each, that could count as 12 hours of usage on its own.
A quick hunt around UK jobsites shows a number of large companies (not banks) looking for COBOL programmers in the £35-45k range. That's the price range of someone who just does basic network management, who can be replaced in seconds.
The banks aren't giving salaries but they state benefits, etc. but much of their job descriptions are "experience with finance stuff" with COBOL thrown in occasionally.
Though I'm sure it probably is harder to find a COBOL programmer than other languages nowadays, they aren't trying very hard to attract them based on searching "COBOL" on a number of jobsites. Either what little demand there is is being met, or they just aren't advertising them at all.
I have to learn all kinds of new, esoteric and niche languages all the time as part of my job.
Surely what you want is to hire a business or banking programmer and make sure they are then made competent in COBOL (gosh, maybe you could utilise your ageing COBOL workforce to teach him?), no different to bringing in a guy trained on a competitor's system and training him on YOUR system.
It worries me that a bank would be hiring a programmer who *can't* do several languages, especially languages that have been around for decades rather than languages utilising entirely different paradigms, or that can't pick up new ones as they appear.
If you hire some - I don't know, whatever the language of the moment is, say Java or something - programmer to replace all this system, you'll have a system tied into Java. Which will, as Java is starting to show, start to get replaced itself by the time that guy has gone and you've only got rookies running the place on the old-guy's code.
Massive expense, to be back to square one, after decades of dodgy code that was trying to stabilise.
Advertise for programmers, teach them COBOL as the "in-house" language. Then, so long as your business systems have the tools for them to create and execute those programs, you're sorted for a long time yet. You don't even need to care that every other bank in the world has moved to Java or whatever if you do it right and have standardised interfaces or conversion tools.
I think this is not related to "we can't find people who could program in COBOL" as much as "we already have a bunch of cheap outsourced programmers who only know Java and they can't learn anything else".
The time taken to familiarise yourself with such a critical codebase to the point of confidence in pushing your production code should VASTLY outweigh the time required to actually learn something like COBOL from scratch, in this kind of industry.
P.S. There are about the same total amount of petrol stations in the UK (though it used to be 4 times as many back in the 60's, but obviously ranges have increased and super-stores are now the preference rather than small independents), but in the UK that still gives you a petrol station every 9.5 square miles or thereabouts.
To be honest, according to: https://www.zap-map.com/statis... there are nearly 4000 Tesla and non-Tesla locations where you can charge a car just in the UK, with 12000 charging points. Even in the UK, electric is only one-half of petrol availability.
These Tesla stations are really a minority. They don't need to double, they need to do something radical like ten times the number of chargers just to start competing in the US alone. And continue that until saturation.
God knows how much electric 100,000 fast-charging stations pull. I doubt it's any more environmentally friendly than even 100,000 petrol cars.
Wifi inna pub.
Sorted.
Same, but Windows 8/8.1
Agreed. I am trying to play devil's advocate too.
However, if we were to have taken the $110 billion (adjusted for today's money) that Apollo cost, and just put it into semiconductors and materials, would the US have gotten more out of it even if it couldn't have put a man up there? The fact we haven't been back for 50 years does tell you something about the practicality of doing that very thing that we knew even back then.
Similarly, if we took the money that's going into solar, put it into nuclear, and suffered the lost-jobs of even using entirely outside labour for doing such things, would Germany be better or worse off? I'm pretty sure the difference could easily be spent on fixing an awful lot of other "environmental crimes".
You can achieve almost anything if you're willing to throw enough money and people at it.
From the Great Pyramids to putting a man on the moon.
The question to ask is not "Did these people want something and do it?" but "Was what they wanted practical and sensible?"
They are entirely different questions.
I could run a country from AA batteries, if I'm allowed to tax everyone and use government money to do it, and people get behind the idea. Whether that's sensible or sustainable is another matter entirely.
I still don't see how paying people to deliver some highly variable trickles of electricity back to "the grid" is in any way efficient.
Subsidising people to do so was necessary to start it, precisely because of this, and they quickly disappeared.
I'm not sure how you can justify, quite literally, paying people for - potentially - ONE SINGLE UNIT of electricity if they're using up everything they want to, at an odd voltage, which has to be stepped-up, phase-shifted, transported back to the grid in a measured manner etc.
The only way it works is that the subsidies were at one stage cheaper than the associated "fine" for not doing environmentally-friendly things. These are all artificial measures. We're paying people to do things so we don't get into trouble, not because they're feeding back useful stuff.
Sure, en-masse it works. It always would to an extent. It generates employment, support industries, land taxes, etc. etc. but everything in-between and quite a chunk of it is goodwill payments rather than actual practical cost of electricity.
And you're expecting the energy companies to "co-operate" when you're destroying their business by farming out their job to some guy with a shed and a panel.
Eventually, the energy price rises caused by the business effect of shutting down nuclear, etc. and forcing them to clean everyone's pittances of electricity and feed them back to the grid AND PAY THEM for it will just cause massive inflation in the market.
And when they no longer want to run the backups, you will lose them and have nothing to fall back on (or the fallback will cost you a fortune because it's not used very often but has to be always-available).
Currently, people are paying to be green, via subsidies (i.e. from taxes), increased prices (e.g. importing energy, etc.) or otherwise.
One day that will go away.
Shadow Copies.
Er... no.
C:\users\public\MicTray.log
Public has *read and write* permission for anybody in the CREATOR OWNER and INTERACTIVE groups. The latter includes any logged-in user account. So anyone can potentially read the keystrokes of the admin who sat on the machine before them ten years ago while setting up the machine, even if they don't have - and never have had - permission to even install software on a machine.
That's not "non-story".
Installing software that can read the keyboard even when not focused requires a bit more than that. And even a keylogger device on the hardware wouldn't capture HISTORICAL keylogs of the users before you plugged it in.
And no system, human or technical, realised that new bank details were being entered for multiple accounts that all then requested refunds? I would hazard that some of those accounts might even have been the same.
But your system didn't detect a pattern of "change bank details", "request refund", etc.
That said, I would question why screenshots were possible - if indeed we are talking about proper screenshots rather than just taking a photo with his phone (which would presumably attract a bit more attention).
If he did this from the work PC, you have serious failings - he's sending emails from work (presumably on an unblocked personal account) with screenshots of personal data.
If he's holding his phone up to the screen and clicking on a regular basis? That's just as bad.
The next question I have is why is the agent allowed to see the details, rather than just get prompted for security details? Why is there a page where they just see everything, rather than go through the same set of questions on the system that they would need to ask the customer? And if the answers aren't on display in front of him, but he has to type them in and let the system authorise whatever it is he's doing (e.g. I imagine changing bank details requires at least customer, account numbers, etc.), then a screenshot is basically useless.
Least privilege principle. The agent doesn't need the other information on the customer unless he's specifically asked for it - in which case the request is recorded and you'd be able to see "Oh, Employee A requested Customer X, Customer Y and Customer Z's account numbers on all three occasions that those bank details were changed and then the customer complained."
If I ran a call-centre, I would literally have PCs with encrypted data over serial consoles (no general purpose operating system access at all). There's no need for even a GUI. And every phone call would go through a list of options for the operative. They would see no information, but be prompted for the user details that they have to prompt for anyway. The system would prompt, the operative would relay the prompt and answer, the system would decide whether to grant access to the next FUNCTION (not just a screen full of customer data). Every keypress recorded in tandem with the call they're dealing with (storage is dirt cheap for such things, hell most schools record every phone call nowadays, let alone a call centre dealing with millions of pounds of product/service sales).
If you need to check, say, the customer's email to let them know what one they used to sign up, you request it. The system returns a masked copy. If in doubt, you just request a change of email for the customer to ensure the one they want to use is the one that's entered in the system. If there's no change (i.e. you entered the same email as the system already has), the system can know that what you were asking is much less suspicious.
If a function is risky (changing bank details), there's still no way for the operative to screenshot, and it might even need the mythical, never-present "supervisor" to press a button on his computer to authorise a change too. If your boss has to know you're doing it, authorise it and/or be in cahoots with it, then you're much less likely to even try.
Anything really complex that does require the full customer record (like what? I can't imagine)? Done in a recorded full-access session available only on the supervisor's authorisation and kept rare deliberately.
This also automatically fulfills your data protection requirements as none of the people or computers have access to any information that's not required for their job. Literally, their job requires no more information than the system ever gives them.
You then have the need (which is present anyway) to ban pen, paper, smartphones, etc. while working.
And no minimum-wage prat can steal your customer database, spam every customer email, pull off stuff like this anywhere near as easily, disrupt the syste
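A sketch of the function-gated session described in this comment, added here as an illustration and not part of the original post. The security questions (postcode, date of birth), the function names and the sample records are assumptions made for the example.

```python
import hmac
from collections import Counter

# Constructed sample data. The operative's terminal never receives this dict.
_CUSTOMERS = {
    "C1": {"postcode": "AB1 2CD", "dob": "1980-02-03",
           "email": "jane.doe@example.com", "bank": "00012345"},
    "C2": {"postcode": "EF3 4GH", "dob": "1975-11-30",
           "email": "sam@example.org", "bank": "00067890"},
}
AUDIT = []  # append-only: (employee, customer, function, outcome) per call


def _same(a, b):
    """Constant-time string comparison."""
    return hmac.compare_digest(a.encode(), b.encode())


class CallSession:
    """One phone call. It exposes functions, never the customer record."""

    def __init__(self, employee, customer_id):
        self.employee, self.customer_id = employee, customer_id
        self.verified = False
        self.pending_bank = None

    def _log(self, function, outcome):
        AUDIT.append((self.employee, self.customer_id, function, outcome))
        return outcome

    def _record(self, function):
        # Every function past verify() goes through this gate.
        if not self.verified:
            self._log(function, "denied")
            raise PermissionError(function + " requires a verified caller")
        return _CUSTOMERS[self.customer_id]

    def verify(self, postcode, dob):
        # The operative relays the caller's answers; the system compares them.
        rec = _CUSTOMERS.get(self.customer_id)
        self.verified = (bool(rec) and _same(postcode, rec["postcode"])
                         and _same(dob, rec["dob"]))
        return self._log("verify", "ok" if self.verified else "fail")

    def masked_email(self):
        local, _, domain = self._record("masked_email")["email"].partition("@")
        self._log("masked_email", "ok")
        return local[0] + "*" * (len(local) - 1) + "@" + domain

    def set_email(self, new_email):
        rec = self._record("set_email")
        if _same(new_email, rec["email"]):
            return self._log("set_email", "unchanged")  # caller already knew it
        rec["email"] = new_email
        return self._log("set_email", "changed")

    def request_bank_change(self, new_bank):
        self._record("bank_change")
        self.pending_bank = new_bank
        return self._log("bank_change", "awaiting_supervisor")

    def approve_bank_change(self, supervisor):
        # Risky function: a second person signs off, and not the operative.
        if self.pending_bank is None or supervisor == self.employee:
            return self._log("bank_change", "rejected")
        _CUSTOMERS[self.customer_id]["bank"] = self.pending_bank
        self.pending_bank = None
        AUDIT.append((supervisor, self.customer_id, "bank_approve", "ok"))
        return self._log("bank_change", "applied")


def employees_behind(function, customer_ids):
    """Per employee, how many of the given customers they ran `function` on."""
    pairs = {(emp, cust) for emp, cust, fn, _ in AUDIT
             if fn == function and cust in customer_ids}
    return Counter(emp for emp, _ in pairs)
```

Feeding `employees_behind` the set of customers who later complained gives the "Employee A was on every one of those calls" answer directly from the audit trail.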
I'm not an expert. Nor do I care about the government out to get me. If they want me, it's quite easy to get me.
However... this would greatly affect my ability to travel. My laptop is my only saviour from the noisy, rude idiots around me, the cabin crew that want to CONSTANTLY interrupt me and make me do things, and the sheer boredom of many hours of sitting in a too-small seat that I have to disturb a stranger to move from.
Literally, you just removed my state-of-the-art entertainment system with movies, TV, radio, games, working environment, and replaced it with...? A pack of fucking cards, basically.
Already I would have to ensure my laptop had NO WORK MATERIAL WHATSOEVER to travel to the US. Literally, I would have to break EU law to comply with US law in that case. I would possibly be asked to give up details that literally no-one else on Earth has any need or just cause to know without requiring a warrant issued by a court.
And now you want to take the only vestige of being able to entertain myself away. This adds massive amount of stress to an incredibly boring journey, which can only be escaped by using functions which may well start to become pay-for (e.g. in-flight movies, loan of tablets and the like).
Literally, this kind of crap would eliminate air travel for me just from the UK to, say, France. I just wouldn't bother. I'd rather get in my car, take five times as long and drive it myself. I already hate the 2 hour flight to Italy because of all the crap associated with wanting to sit in a metal box and be in Italy in 2 hours time (which often requires 4 additional hours of travel, parking, bus from the parking to the terminal, getting in plenty of time before arrival, sitting around doing fuck all, collecting luggage, etc. etc. etc.).
I am by no means a stressed-out loon, but that kind of unnecessary crap drives me mad. If I had malicious intent, I could get on a train with the SAME NUMBER OF PEOPLE, with ALMOST ANY LUGGAGE THEY WANT (in any amount their car can carry, including the fuel tank), get enclosed in a similar metal box and still blow it to smithereens and kill the same amount of people and get the same amount of press... and not one bit of the same security theatre applies. The only thing I don't think you can carry in the Channel Tunnel (that's legal to have in the UK, at least) is an LPG car (LPG bottles are fine so long as they are stowed properly in the vehicle - another bit of bollocks that I do not understand).
I honestly don't give a shit that the terrorists built a bomb. That's what terrorists do. They put them in waste bins in London throughout the 80's. We removed waste bins. Now we have nowhere to throw fucking rubbish away. But people could still commit acts of terrorism.
The terrorists already won. We're like the kid in the playground who's worked out that if he doesn't bring in his ball, the bullies won't take it from him at break time. Well-fucking-done. How about we reclaim a bit of our dignity?
Every single "this could be made into a bomb" piece of crap from carrying little silly bottles in little silly plastic bags, to having my shoes scanned, to having to drink baby milk in front of a security officer to "prove" it's milk just makes me fucking hate people that think up the rules, tolerate them, and think we're somehow "winning" against the terrorists by "thwarting" their attacks.
Guess why there are so many different plots? Because every time you do something, we guard against that. And then people just go "Right, what next? Oh, look, laptops!". Now you have a new threat, massive expense on stupid rules and countermeasures, new crap to make people stand in queues for longer, new bollocks to make me hate my own government and country more for capitulating to it. And then all they do is say "Right... next up... let's put a bomb in a set of headphones."
This sort of crap puts me off domestic flights in my own country. I'd rather drive for 10 times as long than deal with this kind of shi
No it doesn't.
Large intersections, especially with more than the standard four directions, are the same kinds of size as an equivalent roundabout.
The UK has MUCH less space than the US, I assure you, and we have roundabouts everywhere.
Also, there's this thing called a mini-roundabout, for tiny junctions. It's basically a circle painted in the middle of a four-way intersection. Does the same job, just as effectively.
Even large roundabouts don't require bridges or nonsense, and where they do (e.g. large motorway intersection), you already need ramped sliproads and everything else anyway.
Go look at London. Our roads are tiny, they are surrounded by ancient buildings, the layouts are far from uniform, and there are thousands of roundabouts throughout.
They also require NO INFRASTRUCTURE. No power, no timing, no signals, no monitoring, no more servicing than any plain section of road. You paint a circle in the road, or plant a large circular lawn in a big junction. Done and finished.
I have a user-error fund.
It's a charity box with that written on.
When you waste my time on something, I shake it.
Working in a school, I make enough (and it's a voluntary donation as far as I'm concerned) to tide me through the half-term holidays with tea and biscuits.
I tell people to fuck off, I'm busy.
Or appropriately worded phrases to that effect.
Is this really a problem for any sensible adult?
You mean the Amazon Echo:
https://en.wikipedia.org/wiki/...
https://www.ifixit.com/Teardow...
With 256Mb RAM, 4Gb NAND, and a 32-bit chip:
http://www.ti.com/product/DM37...
that's based on an ARM Cortex-A8:
https://en.wikipedia.org/wiki/...
Which is a 32-bit CPU?
Yeah. You're a twat, who thinks that the bigger the number the better and you "can't possibly" do stuff with anything else.
I mean, seriously, did you even spend two fucking seconds thinking about it, given that one Google search and the first couple of Wikipedia articles show you how much rubbish you're talking?
I gave up trying to understand chip names and model numbers a long time ago.
GPUs and CPUs are the worst - I have absolutely no clue whether a particular number / model is better / worse than any other.
I let my suppliers deal with it - I tell them what I want, they send me a spec, I google to ensure the chip numbers do what I want in terms of core-speed, number of cores, etc.
It's not hard to come up with a sensible numbering / naming system, but if Intel didn't have a page for every chip that just says number of cores, speed, etc. then I'd have absolutely no clue. Changing it to colours isn't helping matters either - that just reeks of marketing where everyone thinks they need to have "Gold" rather than "Silver" when there's probably little gain for most people.
For the same reason, I stopped buying separate CPUs and motherboards many years ago and nowadays I don't even tend to buy PSUs etc. separately. Because the combination needs to be correct and I'm not going to waste my time and effort only to get it wrong.
Everything from CPU sockets, to PSU power draw (don't forget to check the 12V rail!), to PCIe speed, to card profile height - after a while it just gets so boring, and I'm paying people to supply me the gear, so I let them do the legwork.
But the situation for consumers is actually completely the flip of that. People ask me about buying laptops. I say "check it has the ports you want". No point paying a fortune for a laptop that doesn't have enough USB, and if you buy enough USB or whatever you want for it, it'll be fast enough to do what you want nowadays. Even the cheapest gaming laptops are stupendous in specification and able to play anything I have on my Steam account (if my 6-year-old laptop can do it, too!).
Don't care about the numbers, or the exact model of chip, or anything like that. If you want a cheapy thing just for office, buy a cheapy thing just for office. If you want a gamer's thing for high-end gaming, buy something that's pitched at gamers and comes with the Razer gaming mice or whatever. Pretty much, that's a better indicator than faffing with all the statistics - which although I could understand, nobody else does and I just don't have the time to be bothered to do the research.
Don't even get me started on "does AMD graphics card X perform better than nVidia graphics card Y?"
"So the decryption keys, the encrypted data, and the plaintext data are all published."
AND ONLY THE DECRYPTION KEY MATTERS. Read the OP, rather than try to backtrack.
Encrypted data? Doesn't matter.
Plain-text data corresponding to it? Doesn't matter.
Decryption algorithm? Doesn't matter.
Decryption KEY - matters. It's in every device, yes. But not necessarily accessible (e.g. similar to TPM devices - you'd have to decap the chip to discover the key and we have trouble enough doing that to 1990's arcade cabinets with pure ROM chips that are secured by basic techniques, let alone a 2010's TPM chip designed for nothing more than securely encrypting using a key that's programmed once and never revealed - nobody's broken any TPM chips yet, but they're in almost every PC on the planet even if they're not enabled).
But everything else you could publish the source code on github and put a thousand examples of encrypted and plaintexts on the Internet on anonymous FTP. And it *still* doesn't help you.
Not saying that DRM can ever be fully secured.
But the details of the encryption algorithm / known-plain-text stuff helping you out when the opponent is using a modern encryption scheme is absolute bollocks.
I'm afraid you don't understand encryption at all.
And this *isn't* encryption of data, so much as (attempted) encryption of transit.
Any encryption method, you can openly publish the decryption method and hardware. If you can't, it's no good.
What you *CAN'T* publish are the decryption keys. If you publish these, you are an idiot. CSS, AACS, etc. and pretty much all DRM schemes mis-use transport encryption by giving you the keys too, in some convoluted fashion. They are able to revoke keys, they are able to issue keys to manufacturers, but they are giving decryption keys to you. That's the problem, not the decryption device or decryption method.
Any encryption that cannot survive a known-plaintext attack is useless in the modern era. It's as simple as that. That's not how encryption has worked since the days of the Caesar cipher - even Enigma wasn't really that vulnerable to that because working out the key-settings for a known plaintext was computationally infeasible for the time. Don't believe every line in The Imitation Game ("Heil Hitler! Turns out that's the only German you need to know to break the code!").
So, no, what the problem is is not the encryption. It's the intended use. You give EVERY DEVICE MANUFACTURER a decryption key. Which you can revoke. But which millions of people share.
The reason for this is that otherwise you have to give every viewer a unique decryption key and give them unique copies of their disc, and encrypt data on-the-fly to them (because you can't store 6 billion differently-encrypted copies of the movie). And that just means that one guy has one key, and if he doesn't care about that key being later revoked, he can decrypt his own personal copy and problem solved.
AACS was a little bit more complicated, with all kinds of virtual machines checking state, and things like keys that were generically derivable if you have enough device keys (which means that nobody can trace who actually broke it or blacklist them).
But those are security-by-obscurity and inherent flaws of using encryption as DRM instead of its intended use.
But if you have an encryption scheme where you cannot publish the algorithm, or encrypted known plain-texts, you are very much back in the 60's (e.g. "Modern ciphers such as Advanced Encryption Standard are not currently known to be susceptible to known-plaintext attacks.")
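The known-plaintext point from the two comments above, as an added example that is not part of the original posts. The keyed stream here is HMAC-SHA256 in counter mode, used only as a standard-library stand-in for a modern cipher (it is not AES); the messages and keys are constructed.

```python
import hashlib
import hmac
import os

KNOWN = b"sample block published alongside the spec"  # constructed
SECRET = b"a different message the attacker wants"     # constructed


def xor(data, stream):
    return bytes(d ^ s for d, s in zip(data, stream))


def weak_encrypt(key, msg):
    """Repeating-key XOR: the kind of scheme that dies to one known pair."""
    return xor(msg, key * (len(msg) // len(key) + 1))


def recover_weak_key(plain, cipher):
    """Plaintext XOR ciphertext is the repeated key; return its shortest period."""
    stream = xor(plain, cipher)
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]


def keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode (stand-in for a modern cipher, not AES)."""
    out, ctr = b"", 0
    while len(out) < n:
        block = nonce + ctr.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def modern_encrypt(key, msg):
    nonce = os.urandom(16)  # fresh per message and sent in the clear
    return nonce, xor(msg, keystream(key, nonce, len(msg)))


def modern_decrypt(key, nonce, ct):
    return xor(ct, keystream(key, nonce, len(ct)))


def demo():
    # Weak scheme: algorithm public, one known pair, key falls out.
    weak_key = b"s3cr3t-key"
    guess = recover_weak_key(KNOWN, weak_encrypt(weak_key, KNOWN))
    weak_read = weak_encrypt(guess, weak_encrypt(weak_key, SECRET)) == SECRET

    # Keyed stream: the same known pair yields keystream for that nonce only.
    key = os.urandom(32)
    _, ct_known = modern_encrypt(key, KNOWN)
    nonce2, ct_secret = modern_encrypt(key, SECRET)
    leaked = xor(KNOWN, ct_known)
    modern_read = xor(ct_secret, leaked) == SECRET

    return {
        "weak_key_recovered": guess,
        "weak_other_message_read": weak_read,
        "modern_other_message_read": modern_read,
        "modern_roundtrip_ok": modern_decrypt(key, nonce2, ct_secret) == SECRET,
    }


if __name__ == "__main__":
    print(demo())
```

In both halves the algorithm and a plaintext/ciphertext pair are in the attacker's hands; only in the first does that reveal the key.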
Try the login page for Tumblr.
It loads more than 20Mb of scripts and images.
I thought enable NPAPI doesn't do anything any more? NPAPI plugins have been dead since last year at least, and the forcible override options were deprecated.
Popup blocking? Okay, I can see that might be annoying.
Default browser check, I can see that interfering with things.
Disable GPU, sure for non-GPU machines.
But no sandbox just sounds dangerous.
And I can't see how half the stuff on there would work by default in 32 but not 64-bit versions.
"And note our method of accounting for simultaneous usage: If someone spends an hour watching TV (for example) and uses a smartphone to surf the web during the same hour, we count this as an hour of usage for each medium, and hence as 2 hours of total media time."
So if you watch a program and browse a website during the advert break, that counts twice (one hour each of TV and surfing for one hour)?
And if you browse 12 websites a day, one an hour for a fraction of a second each, that could count as 12 hours of usage on its own.
Shitty statistics present shitty conclusions.
Agreed.
A quick hunt around UK jobsites shows a number of large companies (not banks) looking for COBOL programmers in the £35-45k range. That's the price range of someone who just does basic network management, who can be replaced in seconds.
The banks aren't giving salaries but they state benefits, etc. but much of their job descriptions are "experience with finance stuff" with COBOL thrown in occasionally.
Though I'm sure it probably is harder to find a COBOL programmer than other languages nowadays, they aren't trying very hard to attract them based on searching "COBOL" on a number of jobsites. Either what little demand there is is being met, or they just aren't advertising them at all.
Why does the language matter?
I have to learn all kinds of new, esoteric and niche languages all the time as part of my job.
Surely what you want is to hire a business or banking programmer and make sure they are then made competent in COBOL (gosh, maybe you could utilise your ageing COBOL workforce to teach him?), no different to bringing in a guy trained on a competitor's system and training him on YOUR system.
It worries me that a bank would be hiring a programmer who *can't* do several languages, especially languages that have been around for decades rather than languages utilising entirely different paradigms, or that can't pick up new ones as they appear.
If you hire some - I don't know, whatever the language of the moment is, say Java or something - programmer to replace all this system, you'll have a system tied into Java. Which will, as Java is starting to show, start to get replaced itself by the time that guy has gone and you've only got rookies running the place on the old-guy's code.
Massive expense, to be back to square one, after decades of dodgy code that was trying to stabilise.
Advertise for programmers, teach them COBOL as the "in-house" language. Then, so long as your business systems have the tools for them to create and execute those programs, you're sorted for a long time yet. You don't even need to care that every other bank in the world has moved to Java or whatever if you do it right and have standardised interfaces or conversion tools.
I think this is not related to "we can't find people who could program in COBOL" as much as "we already have a bunch of cheap outsourced programmers who only know Java and they can't learn anything else".
The time taken to familiarise yourself with such a critical codebase to the point of confidence in pushing your production code should VASTLY outweigh the time required to actually learn something like COBOL from scratch, in this kind of industry.
Global network.
10,000 chargers.
That's one every 5750 (ish) square miles.
Well done.
P.S. There are about the same total amount of petrol stations in the UK (though it used to be 4 times as many back in the 60's, but obviously ranges have increased and super-stores are now the preference rather than small independents), but in the UK that still gives you a petrol station every 9.5 square miles or thereabouts.
To be honest, according to: https://www.zap-map.com/statis... there are nearly 4000 Tesla and non-Tesla locations where you can charge a car just in the UK, with 12000 charging points. Even in the UK, electric is only one-half of petrol availability.
These Tesla stations are really a minority. They don't need to double, they need to do something radical like ten times the number of chargers just to start competing in the US alone. And continue that until saturation.
God knows how much electric 100,000 fast-charging stations pull. I doubt it's any more environmentally friendly than even 100,000 petrol cars.