I imagine it'll go much like when I call the bank and get a robot: "Please tell me what you are calling about today" "speak to operator" "sorry, I didn't catch that, you can use phrases such as 'check my balance' or 'order a replacement card'" "speak to operator" "sorry, I..." "SPEAK TO OPERATOR" "sorr..." "FUCK OFF" "sor..." "FUCK OFF FUCK OFF FUCK OFF" "I'll connect you to someone who can help"
1. Isn't at all clear on what the vulnerability is. It is in fact a bug in the kernel (presumably a device driver for this SoC). I only found this out by reading a different article. This one makes it sound like some sort of problem in the silicon.
2. Isn't news. This vulnerability is already known.
We're all becoming sadly more and more used to articles that try to make a story sound bigger by relating it tenuously to some possible impact (every article about some incremental improvement in battery technology needs 4 paragraphs about electric cars, grid storage and longer battery life for phones), but this really does take the piss by not even attempting to cover the actual story and only going on about the potential impact on IoT security.
Sure, we all need to be aware of the dangers of IoT security (or lack of it), but this is not the way to go about it.
> Can you fake the physical dimensions reported in the EDID block when the connection is using HDCP?
The EDID is unauthenticated and transmitted over i2c. You can simply cut the cable and stick a few cents worth of microcontroller (or i2c eeprom) on the i2c lines.
So there is no reliable way to determine screen size on a remote display. Could work on devices such as smart-tvs (but security is usually woeful compared to set top boxes).
How many people were young/technical enough to use ceefax/teletext yet are not enough so now to have digital television? Only a handful of elderly people remain using analogue TV services, let's assume an age range of 80+ covers almost the entirety of this group. Ceefax began in 1974, so this group were 42+ at the time. This technology would have been utterly unfamiliar at the time and provided no information that couldn't otherwise be acquired (in contrast to the internet, which eventually became the only source of many types of essential information), so uptake of it by people in this age range was probably relatively low.
This leads to the spooky possibility that the driver in the car behind you might die at the wheel, and their car follow you home with their corpse gazing lifelessly over the steering wheel at you...
Well, there are a few torrent clients that can be run from the command line, just install one on each machine with a shell script/batch file to do the work.
You could also consider writing something simple using split and wget or whatever.
Private education is not only disgustingly right wing, it's about as far right as you can get. Even the usual crap defense that the rich have worked for what they have can't apply here. You cannot possibly believe that children, who have not yet had the chance to affect their own position in the world at all should receive better or worse education based on factors they never had any control over.
Even the least politically enlightened here should be sickened by the idea.
What is the point in keeping these things secret? the knowledge can be used for the good of all. Several different governments working to develop the same tech is just wasteful.
I agree. They take away freedom 1 (freedom to change the software to suit your needs (in this case by removing DRM)) which is unacceptable! GPL3 was created to prevent the kind of evil that had not even been imagined at the time GPL2 was written.
Even if the linux kernel is never licensed under GPL3 (and IIRC Torvalds said it was possible (after saying no to a previous draft)), the linux kernel is useless without the basic software to run on it (such as gnulibc and the basic utility programs which WILL be licensed under GPL3 since they are gnu projects). There are some alternatives to the above mentioned software which may even be more suitable than the gnu software (such as busybox to replace the basic apps and uclibc to replace glibc as they are smaller and more suited to the kind of embedded use TIVO wants them for) which are currently licensed under GPL2, I hope that they also choose GPL3 soon.
What people are forgetting here is that just because a company uses open source software, doesn't make them a company the community should protect.
I hope very much that both TIVO and Novell either mend their ways or go out of business in the very near future.
The frequency of wireless networks is well below that of light which is not dangerous. It only begins to become dangerous at around the frequency of UV radiation. The only possibly danger (as with microwave ovens) is a heating effect, but the transmittors are far to weak and it would be relatively easy to prove if they were powerful enough.
I agree with you except for 2 points. Number 1, the language with which you make the point is hardly appropriate. Number 2, I dont think you are answering the question.
Installing pirated microsoft software has 2 effects, firstly it reduces microsoft's revenue (assuming you would otherwise have bought a suitable site license). Secondly it keeps microsoft the standard by continuing to force users to use it.
Legally I am not sure whether it is you or your employer or both that is responsible, but my guess would be that if you were explicitly ordered to do it by your employer then they are responsible (although I may well be wrong).
Obviously (as you said) installing openoffice would be the ideal soloution, but your employer does not let you install it instead of ms office. Perhaps you could slowly persuade users to switch to openoffice until ms office was no longer required and could be removed without anyone noticing?
eg: Q: "how do I fix <some problem related to microsoft word>?" A: "Perhaps it would work better in openoffice?"
Reminding your employer that installing pirated software is illegal would probably a good start (not a threat, obviously, just a reminder).
Slashdot Mirror
I imagine it'll go much like when I call the bank and get a robot: "Please tell me what you are calling about today" "speak to operator" "sorry, I didn't catch that, you can use phrases such as 'check my balance' or 'order a replacement card'" "speak to operator" "sorry, I..." "SPEAK TO OPERATOR" "sorr..." "FUCK OFF" "sor..." "FUCK OFF FUCK OFF FUCK OFF" "I'll connect you to someone who can help"
How useful, to be able to reach my data limit in just over 30 seconds!
What a terrible article. For two reasons:
1. Isn't at all clear on what the vulnerability is. It is in fact a bug in the kernel (presumably a device driver for this SoC). I only found this out by reading a different article. This one makes it sound like some sort of problem in the silicon.
2. Isn't news. This vulnerability is already known.
We're all becoming sadly more and more used to articles that try to make a story sound bigger by relating it tenuously to some possible impact (every article about some incremental improvement in battery technology needs 4 paragraphs about electric cars, grid storage and longer battery life for phones), but this really does take the piss by not even attempting to cover the actual story and only going on about the potential impact on IoT security.
Sure, we all need to be aware of the dangers of IoT security (or lack of it), but this is not the way to go about it.
> Can you fake the physical dimensions reported in the EDID block when the connection is using HDCP?
The EDID is unauthenticated and transmitted over i2c. You can simply cut the cable and stick a few cents worth of microcontroller (or i2c eeprom) on the i2c lines.
So there is no reliable way to determine screen size on a remote display. Could work on devices such as smart-tvs (but security is usually woeful compared to set top boxes).
How many people were young/technical enough to use ceefax/teletext yet are not enough so now to have digital television?
Only a handful of elderly people remain using analogue TV services, let's assume an age range of 80+ covers almost the entirety of this group. Ceefax began in 1974, so this group were 42+ at the time. This technology would have been utterly unfamiliar at the time and provided no information that couldn't otherwise be acquired (in contrast to the internet, which eventually became the only source of many types of essential information), so uptake of it by people in this age range was probably relatively low.
Bootleg DVDs fund terrorism. At $5 each, that's 20 to get a shoe bomb past security.
THAT DODGY SIMPSONS BOX SET COULD KILL HUNDREDS OF PEOPLE!
Now the global economy can collapse, plunging the world into chaos and darkness, all in the blink of an eye
This leads to the spooky possibility that the driver in the car behind you might die at the wheel, and their car follow you home with their corpse gazing lifelessly over the steering wheel at you...
It makes perfect sense. If you can see meat then the hunt is over.
If she'd registered as self employed, it would've worked out fine.
you'd think a lawyer would know that...
"counterfeit software 'delivers a poor experience and impacts customer satisfaction with our products'"
"users do not know that their software is non-genuine"
According to wikipedia, you ripped that line off of William Arthur Shakespeare!
yeah, but into the wild green yonder was pretty weak :(
Well, there are a few torrent clients that can be run from the command line, just install one on each machine with a shell script/batch file to do the work.
You could also consider writing something simple using split and wget or whatever.
Wow, just wow.
Private education is not only disgustingly right wing, it's about as far right as you can get.
Even the usual crap defense that the rich have worked for what they have can't apply here.
You cannot possibly believe that children, who have not yet had the chance to affect their own position in the world at all should receive better or worse education based on factors they never had any control over.
Even the least politically enlightened here should be sickened by the idea.
TURN IT BACK!!!!!!!!
When I read the title of this, I thought it was an article about the return of muds :)
Oooooh, some absurdly rich people didn't get any richer today... ohnoes!
Teach him html, css and php.
Spiffy websites impress women a lot more than a hello world program in real mode assembler. Trust me.
What is the point in keeping these things secret? the knowledge can be used for the good of all. Several different governments working to develop the same tech is just wasteful.
I am using the same OS as the NYSE? I feel unclean!
I agree.
They take away freedom 1 (freedom to change the software to suit your needs (in this case by removing DRM)) which is unacceptable!
GPL3 was created to prevent the kind of evil that had not even been imagined at the time GPL2 was written.
Even if the linux kernel is never licensed under GPL3 (and IIRC Torvalds said it was possible (after saying no to a previous draft)), the linux kernel is useless without the basic software to run on it (such as gnulibc and the basic utility programs which WILL be licensed under GPL3 since they are gnu projects).
There are some alternatives to the above mentioned software which may even be more suitable than the gnu software (such as busybox to replace the basic apps and uclibc to replace glibc as they are smaller and more suited to the kind of embedded use TIVO wants them for) which are currently licensed under GPL2, I hope that they also choose GPL3 soon.
What people are forgetting here is that just because a company uses open source software, doesn't make them a company the community should protect.
I hope very much that both TIVO and Novell either mend their ways or go out of business in the very near future.
I use the program gnomad2 to transfer tracks to my Creative Zen which also uses MTP.
You need the libmtp library from here: http://libmtp.sourceforge.net/
And gnomad2 from here: http://gnomad2.sourceforge.net/
Gnomad2 isnt the greatest app ever written but it seems to do the job and is relatively easy to use.
I believe there is also a kio slave for mtp out there somewhere which might be easier, but I haven't used it myself.
The frequency of wireless networks is well below that of light which is not dangerous. It only begins to become dangerous at around the frequency of UV radiation.
The only possibly danger (as with microwave ovens) is a heating effect, but the transmittors are far to weak and it would be relatively easy to prove if they were powerful enough.
I agree with you except for 2 points.
Number 1, the language with which you make the point is hardly appropriate.
Number 2, I dont think you are answering the question.
Installing pirated microsoft software has 2 effects, firstly it reduces microsoft's revenue (assuming you would otherwise have bought a suitable site license). Secondly it keeps microsoft the standard by continuing to force users to use it.
Legally I am not sure whether it is you or your employer or both that is responsible, but my guess would be that if you were explicitly ordered to do it by your employer then they are responsible (although I may well be wrong).
Obviously (as you said) installing openoffice would be the ideal soloution, but your employer does not let you install it instead of ms office. Perhaps you could slowly persuade users to switch to openoffice until ms office was no longer required and could be removed without anyone noticing?
eg: Q: "how do I fix <some problem related to microsoft word>?"
A: "Perhaps it would work better in openoffice?"
Reminding your employer that installing pirated software is illegal would probably a good start (not a threat, obviously, just a reminder).