
Comment: Re:So... (Score 1) 63

by rew (#47555807) Attached to: UK Team Claims Breakthrough In Universal Cancer Test

They found a statistical relationship between the results from "normal" people and "people with cancer". This means that it MIGHT be possible to develop this into a test.

But this "result" (a statistical difference) might be that they got an average score of 98 +/- 10 for the healthy people and 102 +/- 10 for the people-with-cancer. So someone who scores 100, healthy or has cancer? 105? Can still go both ways.

Comment: Re:It looks like a response to anti spam laws (Score 1) 145

by rew (#47341427) Attached to: Microsoft Suspending "Patch Tuesday" Emails

I'm guessing that of the hundreds of thousands of people who get that "mass mailing", some are reporting the mails as SPAM to the authorities. Even if there is an "unsubscribe link" somewhere.

Those that do this, might have subscribed in the past and now no longer use Microsoft software. Or maybe Microsoft at one point decided to add a class-of-users to the list automatically (which I think they shouldn't have done if they did).

In any case, with so many users, the chances of being reported as spammers are 100%. So I understand the pressure to stop.

Comment: Good thing.... (Score 2) 474

by rew (#47206383) Attached to: Comcast Converting 50,000 Houston Home Routers Into Public WiFi Hotspots

Here in Holland and across Europe the same is being done. The thing is, technically, many homes are hooked up with a line physically capable of say 20mbps, but with only a 10mbps subscription. The extra bandwidth can be allotted to "guest users".

Similarly, even if someone has a 20(or more) mbps subscription on a 20mbps line, he/she won't be using all of it all of the time. So you can again use part of the bandwidth for guests. In this case it would be fair to give the original subscriber priority to use whatever he/she wants, and put the guests at a lower priority.

Oh, security wise they also separate the original subscriber from the guests.

I have the impression they do this "sensibly": the subscribers don't really have a valid reason to be upset about it.

And the thing is: If you're a subscriber, suddenly there are hundreds or thousands of places where you won't be using your 3G datalink but a wifi hotspot. Faster, cheaper!

Comment: Re: Not surprising. (Score 1) 378

by rew (#47200849) Attached to: Kids With Operators Manual Alert Bank Officials: "We Hacked Your ATM"

Getting into "admin" mode is a big deal. Even if you don't see a direct way of making money off that, someone else might. (see ingenium's post).

And even then, it should be "confidential information" how much money is in there. If the crooks get to check on the amount that's in there over a period, they can decide to crack it open at "just" the right time. Should improve their "profits" by a factor of two on average.

If you're right and absolutely the only thing they can do is to dispense bills into the "not-dispensed" basket, there is a "denial-of-service" attack: Dispense all bills into the wastebasket just after the machine has been filled. Now the machine will be empty until the next refill. VERY annoying for the people who out-of-habit only go to one ATM.

Comment: Re:Or call your credit card company ... (Score 1) 228

by rew (#47177485) Attached to: AT&T To Use Phone Geolocation To Prevent Credit Card Fraud

You have this creditcard. It works in the mall, it works at the cinema. You go somewhere where you know your brother/friend/whatever also has a creditcard that also works in the obvious places. Do you remember to call the credit card company?

What if the bad guys manage to find your account details at a badly protected webshop? They call the creditcard company saying you'll be doing a few purchases across the country (or abroad). Try it once or twice to see what the creditcard company asks to verify it's you, and most likely the crooks will be able to prepare that information.

Comment: Re:Sweden (Score 5, Informative) 1040

by blahplusplus (#47153343) Attached to: Seattle Approves $15 Per Hour Minimum Wage

"Oh, hang on. Sorry, he was writing about socialism, wasn't he?"

Orwell is a democratic socialist. He was criticizing Stalin's Russia.

"... for the past ten years I have been convinced that the destruction of the Soviet myth was essential if we wanted a revival of the socialist movement."

AKA he wanted to revive the socialist movement. He stayed a socialist.

Comment: Re:Sweden (Score 3, Interesting) 1040

by blahplusplus (#47153235) Attached to: Seattle Approves $15 Per Hour Minimum Wage

"I must stress that I am not a socialist or communist by a long shot, but there is something wrong with a society that can't pay their workers a proper wage."

That's the nature of capitalist society, capitalism naturally breeds inequality. Marx's analysis of capitalism still holds true.

Dealing with the effects of capital accumulation on the working class, Marx states:

"They mutilate the labourer into a fragment of a man, degrade him to the level of the appendage of a machine, destroy every remnant of charm in his work and turn it into a hateful toil; they estrange him from the intellectual potentialities of the labour-process in the same proportion as science is incorporated in it as an independent power. ... It follows therefore in proportion as capital accumulates the lot of labourer, be his wages high or low, must grow worse. It establishes an accumulation of misery corresponding with the accumulation of capital. Accumulation of wealth at one pole is, therefore, accumulation of misery, agony, toil, slavery, ignorance, brutality, mental degradation at the opposite pole."

Comment: Re:His 'role in the site' (Score 5, Insightful) 221

by blahplusplus (#47138795) Attached to: Pirate Bay Co-Founder Peter Sunde Arrested In Sweden

"Do you have any idea how stupid you sound when you make such statements. You lose all credibility when you act like facilitating crime isn't in and of itself a crime."

The original crime was monopoly, Intellectual property and its believers are the biggest scam going. The people who originally wrote copyright didn't expect it'd become eternal.

Look at the following chart:

If you still think he's a "criminal" you are too stupid and illiterate to see that the law is nothing but the rich man's tool to take away the rights of everyone else.

Comment: Are you going to trust a 99% solution? (Score 1) 125

by rew (#47127035) Attached to: Imparting Malware Resistance With a Randomizing Compiler

This doesn't fix the problem. It makes the chances of exploitation a bit smaller, on a "per-try" basis.

Back in the old days, some daemons or setuid programs would do insecure things with /tmp. So the hacker would make a program:
target = "/tmp/somefile";
while (1) {
      unlink (target);
      link ("/etc/passwd", target);
      unlink (target);
      link ("/tmp/myfile", target);
}
The daemon would check access permissions of the "target", hopefully after the last line in the loop, then open and write the target, hopefully after the second line inside the loop. Leave this running, trigger the target app, and you get the target app to write somewhere where it shouldn't (in this case /etc/passwd. Get it to add "\nmyroot::0:0::::\n" to make the system allow you to login as root without a password....)

The same applies to these stack/compiler randomization tricks: The hacker first tries at a slow pace, but instead of hacking your system, fails to get in because he's crashing your service daemon. You notice your service going down every day or so. Buggy software. Stupid randomization! No time to fix, and you make the daemon restart automatically. And bingo! Now the hacker can try thousands of times!

In cryptography, care has been taken that you can't figure out one of the "bits" of the key by a simple search. So that the exponential search (find the key among 2^256 possible keys) does not become "256 times: find bit n". To guarantee that no "bit leaking" will happen in a buggy program is very, very difficult: The designers of the program don't know where the bug is, the compiler doesn't know where the bug is, but the attacker does!

So... if this goes mainstream, the hackers will find a way to extract little bits of knowledge of the randomization, determine what the actual randomization was, and then attack the service as usual.

Of course, there will be cases where say: the time for the attack is increased beyond the attack-detection-time. So instead of the attack being successful, the attack might be detected and averted.

Anyway, I'd much rather have something that actually WORKS instead of "has a chance of working". But maybe that's just me.
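
The check-then-open pattern the comment above describes, next to an atomic alternative, as an added C example that is not part of the original comment. The names `check_then_open`, `create_exclusive` and `demo` are hypothetical, and the demo works only inside a private temp directory with the link already in place rather than racing.

```c
#define _POSIX_C_SOURCE 200809L   /* mkdtemp, O_NOFOLLOW, O_CLOEXEC */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the comment: check the name, then open the name. Whatever the
 * name refers to at the moment open() runs is what gets written. */
int check_then_open(const char *path)
{
    if (access(path, W_OK) != 0) return -1;
    return open(path, O_WRONLY);      /* window between access() and open() */
}

/* Hardened: one atomic call that fails if the name already exists in any
 * form (file, hard link, symlink), so the fd is always a fresh inode. */
int create_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

static ino_t inode_of(int fd) { struct stat st; return fstat(fd, &st) == 0 ? st.st_ino : 0; }

/* Constructed demo. bit0: check_then_open reached the pre-linked file;
 * bit1: create_exclusive refused that name; bit2: it made a fresh file. */
int demo(void)
{
    char dir[] = "/tmp/tmprace-XXXXXX", victim[64], target[64];
    int fd, vfd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);  /* stand-in for a sensitive file */
    snprintf(target, sizeof target, "%s/somefile", dir);
    if ((vfd = create_exclusive(victim)) < 0 || link(victim, target) != 0) return -1;
    if ((fd = check_then_open(target)) >= 0) {
        if (inode_of(fd) == inode_of(vfd)) result |= 1;
        close(fd);
    }
    if (create_exclusive(target) < 0 && errno == EEXIST) result |= 2;
    unlink(target);
    if ((fd = create_exclusive(target)) >= 0) {
        if (inode_of(fd) != inode_of(vfd)) result |= 4;
        close(fd);
    }
    close(vfd); unlink(target); unlink(victim); rmdir(dir);
    return result;
}

int main(void) { printf("demo() = %d (7 = all three outcomes observed)\n", demo()); return 0; }
```

Because the existence check and the creation happen inside one `open()` call, relinking the name afterwards cannot redirect the descriptor the program already holds.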

Comment: Almost Nobody gets it even Snowden... (Score 3, Interesting) 348

by blahplusplus (#47101777) Attached to: Why Snowden Did Right

... this (mass surveillance) is just more part and parcel of state suppression of dissent against corporate interests. They're worried that the more people are going to wake up and corporate centers like the US and Canada may be among those who also awaken. See this vid with Zbigniew Brzezinski, former United States National Security Advisor.

Look at the following graphs:

And then...

WIKILEAKS: U.S. Fought To Lower Minimum Wage In Haiti So Hanes And Levis Would Stay Cheap

Free markets?

"We now live in two Americas. One—now the minority—functions in a print-based, literate world that can cope with complexity and can separate illusion from truth. The other—the majority—is retreating from a reality-based world into one of false certainty and magic. To this majority—which crosses social class lines, though the poor are overwhelmingly affected—presidential debate and political rhetoric is pitched at a sixth-grade reading level. In this “other America,” serious film and theater, as well as newspapers and books, are being pushed to the margins of society.

In the tradition of Christopher Lasch’s The Culture of Narcissism and Neil Postman’s Amusing Ourselves to Death, Pulitzer Prize-winner Chris Hedges navigates this culture—attending WWF contests, the Adult Video News Awards in Las Vegas, and Ivy League graduation ceremonies—to expose an age of terrifying decline and heightened self-delusion."

Comment: Re:My DLP... (Score 1) 44

As this is from a western company (HP), I expect such technical claims to be reasonably reliable. They claim 1024x768 resolution, which is 100% correct. For something less easy to measure (for me), if they claim 2000 ANSI-lumen, I expect at least say 1800, with the "excuse" something like: we put it on the "boost" setting for that measurement (and then decided not to put it in the final product because it reduces lamp-life a lot).
