Forgot your password?
typodupeerror

Comment: 2GB RAM is plenty for Win8.1 x86... (Score 1) 215

by BUL2294 (#47704583) Attached to: New HP Laptop Would Mean Windows at Chromebook Prices
I can confirm that Windows 8.1 x86 on 2GB RAM runs great--even on a 5-year old netbook. I loaded Win 8.1 Pro on a 2009-era Dell Inspiron Mini 9 (it had a now-unsupported XP) with an x86-only hyperthreaded Atom processor & IDE SSD--and it flies. I even put a new Intel 802.11ac WiFi-Bluetooth miniPCI card in it. I can't use Metro apps (1024x600 screen doesn't meet Metro's 1024x768 requirement, darn it), but after loading Start8, I don't care. I have a very portable little desktop machine that flies with Office 2010, Firefox, etc.

My only complaints are that Chrome actually performs quite poorly on sites with heavy AJAX (specifically Yahoo Mail), and that Flash is better off left not installed (darn). But Firefox appears to be much better optimized for low-end hardware, so I just use Firefox with no Flash.

Comment: Re:For Win9, MS should go back to Service Packs... (Score 1) 304

In addition, the "monthly updates" are generally security fixes that exists to solve a security hole--where proper interaction with the component shouldn't cause problems before or after the applied fix. They generally solve one security problem within the component (e.g. buffer overflow at xxxxxxxxxxxxxx when called by yyyyyyyyyyyyyyy). That's why they've generally been trouble-free. Microsoft has recently gone on-record stating that Patch Tuesday will now be getting more such non-security feature updates, and they won't be optional.

Comment: Re:For Win9, MS should go back to Service Packs... (Score 2) 304

Generally speaking, old-school Service Packs were both the bundling of hotfixes and new kernel-level features (e.g. USB 3.0, 4K drive sectors, UEFI support, etc.). In the world of Win7 and lower, Patch Tuesday was generally limited to security fixes and parameter changes (e.g. daylight savings time changes). Microsoft would also make available optional updates to Windows components (Internet Explorer, Media Player, etc.) that you could apply as desired.

This model isn't true with Win8.x. They're putting out kernel/feature updates every few months, trying to appear more Agile. A few months back, there was a mini-furor over Update 1 in that you had 30 days to test & apply it to your systems, or get no new updates. There was no beta of the release code that administrators could test ahead of time, as was customary with Service Packs. Some users flipped--specifically companies. Microsoft backed down a teeny bit, but only offered to create a branch for those who wanted to hold off on Update 1--for one extra Patch Tuesday cycle (4-5 weeks).

Comment: For Win9, MS should go back to Service Packs... (Score 4, Interesting) 304

This is a perfect example of why Microsoft should go back to doing Service Packs and not these seemingly random "feature updates" that have become the norm with Windows 8.x and Office 2013 (non-MSI / "click to install"). There's no standard codebase anymore and feature updates are just being installed willy-nilly, with no real support window for delayed installations. (At least with a SP, you had a year to test & work around a problem before MS pulled the support plug). This is another reason why companies don't want Win8.x--kernel-level updates with only a few days warning. (Articles were still talking about "Windows 8.1 Update 2" as recently as 2 weeks prior to August's Patch Tuesday). I'd hate to be an NT administrator fretting over all my 2012R2 installations right now.

Instead of getting a SP for Windows 8, we now have 8.1. Instead of getting SPs for Windows 8.1, we now have 8.1 Update 1 and 8.1 August Update. We have updates that come through the "Store" app. This is one of the reasons (granted, not the primary one) why the uptake of Windows 8.x is now slower than Vista's uptake some ~2 years post-RTM, and why Windows 7 is gaining market share, at the expense of XP and Vista. Companies don't want this model and the headaches that go along with it.

So, for Win9, just go back to a Service Pack model and make everybody happy. Yes, SPs cost a lot of money to put out, and yes MS ends up looking old-school, but the rigor with testing is (presumed to be) significantly higher than some rushed, "little" update. Windows 8.x is broken, and Microsoft keeps pitching a newer, faster cycle of feature updates, but this just proves they are incapable of properly handling such a model... Microsoft: you are not Apple, and you don't have to try to emulate them.

As for myself, so far my two Win8.1 installations (one x86, one x64) and one of 2012R2 in a VM are not showing problems from these updates... But I have only myself to blame for not waiting a few extra days. Of course, now MS will have to come up with an out-of-band fix (with even less testing) within the next ~3 weeks or will have to have 2 sets of patches for September's Patch Tuesday--one for those who haven't uninstalled these updates and one for those who have. Pure stupidity...

Comment: Why not just deprecate IE and save some serious $? (Score 3, Interesting) 426

Seriously, Microsoft... Internet Explorer has cost the company & its shareholders BILLIONS (wages, lawsuit settlements, DOJ/EU investigations, royalties, partnerships (e.g. AOL), etc.), yet made it $0 in income. If it wasn't for Bill Gates' inflated ego back in the mid-90s against Netscape, and if Microsoft would have partnered with a company like Netscape (back then) or Mozilla/Google/Opera (now), they would be in even better financial shape than they are in...

Sure, one can argue that MSN made a lot of money because it was the default homepage on IE, but MSN would have made the same amount of money if Microsoft bundled Netscape with Windows & set MSN as the default page--and would have pushed off all the R&D and risks onto a 3rd party. But no--almost 20 years later, we're still dealing with the hangover of those decisions. Business students should be doing case studies on the MS-IE debacle...

So, Microsoft, please deprecate IE!!! Do the world, and especially your shareholders, a favor. Stop at IE11. You've proven that you can deprecate things and support them on newer OSes (e.g. Jet/ACE). And since you'll need an HTML engine in future OSes (e.g. HTML Help, etc.), throw some money at Firefox (or Google, Opera, etc.) and force all "newer" internally developed programs (e.g. Visual Studio) to call this engine--while "older" apps stick with the deprecated engine (which still receives security updates) and/or are moved to the newer one over time... IE and its engine becomes a legacy feature and be done with it.

But, alas, the inflated IE ego syndrome still permeates within Microsoft...

+ - Experian breach exposed 200 million Americans' personal data over a year ago

Submitted by BUL2294
BUL2294 (1081735) writes "CNN Money is reporting that, prior to the Target breach that exposed information on 110 million customers, and prior to Experian gaining Target's "identity theft protection" business from that breach, Experian was involved a serious breach, to which nobody admits the scope of. Their subsidiary, Court Ventures, unwittingly sold access to a database to a Vietnamese fraudster named Hieu Minh Ngo. This database contained information on some 200 million Americans, including names, addresses, Social Security numbers, birthdays, work history, driver's license numbers, email addresses, and banking information. "Criminals tapped that database 3.1 million times, investigators said. Surprised you haven't heard this? It's because Experian is staying quiet about it. It's been more than a year since Experian was notified of the leak. Yet the company still won't say how many Americans were affected. CNNMoney asked Experian to detail the scope of the breach. The company refused. "As we've said consistently, it is an unfortunate and isolated issue," Experian spokesman Gerry Tschopp said.""

Comment: Re:Pass (Score 1) 75

by BUL2294 (#47522283) Attached to: Verizon's Offer: Let Us Track You, Get Free Stuff
Save money on Verizon or save money on things marketers want you to buy? What's the difference--if you're still saving $$$?

Imagine a brave new world where you walk into a Whole Foods and the "VZWAds" app pops-up a coupon for $0.50 off a $4.99 gallon of "365" brand milk, $0.30 off some couscous, and $1 off the pre-made food bar (minimum $15 purchase) for lunch? You needed milk, have no idea how to cook couscous, and you were getting hungry for lunch--but $15 worth of pre-made food is a lot, even at Whole Foods... After using that coupon, and scarfing down your huge lunch, you get another popup that gives you $0.50 off a Starbucks "mocho-choco-latte-cremo-supremo" venti-sized drink--but, HURRY, only if you buy one within the next 30 minutes at the Starbucks right next to Whole Foods! You've never had that type of drink, but the discounted price makes it worth trying! Then, the cloud concludes that you're probably low on cat food, since you last bought 36 cans a few weeks ago, so the app pops up yet another $0.50 coupon, this time for cat food at PetSmart! And all of these places are in the same strip mall...

Just thing of the possibilities!

Comment: Re:Why does this work (Score 1) 194

by BUL2294 (#47507101) Attached to: A New Form of Online Tracking: Canvas Fingerprinting
I agree--I just don't see how this is the case. Sure, one person's Cleartype settings would be different from another's, so are we saying that the exact subpixel rendering is calculated? The article also mentions fonts installed... So, if I add a font, or a font like Arial Unicode gets updated (e.g. install a new version of MS-Office), my CANVAS fingerprint is now different/broken?

The claim of 90% accuracy for PCs is shockingly, quite high... But if tablets & mobile devices have problems with this and PCs don't, something don't smell right. So, is this trick working on a somehow poor implementation of CANVAS--that somehow creates different images on different PCs--but the same image on the same PC? What about a PC running Firefox vs. the same PC running Firefox in a VM (same OS or different OS)?

Comment: While I welcome any increase in bandwidth... (Score 1, Interesting) 234

by BUL2294 (#47501957) Attached to: Verizon Boosts FiOS Uploads To Match Downloads
Uploading is still a fraction of what downloading is... Most home consumers, even those with IoT devices or heavy P2P users, are still net consumers of online information. (Think Netflix, Windows Updates, VPN, remote desktop, etc.) I see it as a gift I didn't care to receive but one that I wouldn't pass up. So, I have to ask, what's the point?

A more valuable gift would be continue the lack of symmetry, and bump existing download & upload speeds by some percentage. Until Netflix becomes P2P, most people wouldn't see much of a benefit from this... (e.g. Netflix streaming still sucks but my uploads to YouTube are 40% faster!)

Comment: Re:Fantastic! Open sourcing will make pwning easie (Score 1) 136

by BUL2294 (#47373511) Attached to: Microsoft Backs Open Source For the Internet of Things

Closed source doesn't do much to slow down 'sploit writers. Moreover, opening the source code gives nerds a fighting chance to update abandoned devices. Don't believe me? Look at Cyanogenmod.

Really? There's enough encryption, licensing, hardware, etc., that prevents most users from rooting their Android & iOS devices. I have an Android phone and I am a nerd. But I'm still afraid to put Cyanogenmod (or another distro) on my phone for fear that it'd be an expensive one-way trip. Manufacturers have come a long way since the simple hardware that Rockbox could be used on... (Notice how Rockbox hasn't added any devices lately--and that the project is receiving less submissions...)

And just because something has been open sourced & the code has been dumped onto Sourceforge or GitHub doesn't mean someone's actively working on the project. And most manufacturers would not cede control of the code, even for 5-10 year old devices, lest that code be used by a competitor--or worse, by someone filing a lawsuit for a defective product...

Comment: Fantastic! Open sourcing will make pwning easier! (Score 4, Insightful) 136

by BUL2294 (#47372965) Attached to: Microsoft Backs Open Source For the Internet of Things
Everything about the IoT is a bad idea, especially when it comes to security on old devices. Now there's a consortium to open-source some of the code? Even better--for those who want to cause harm.

Right now, most household appliances (refrigerators, stoves, thermostats, home automation, home security, etc.) are devices that are closed off. So, even though my stove may have a security hole, I might not be able to exploit it without using a JTAG. Ultimately, there's no easy way to exploit them unless you have physical access to the internals of the appliance. But the IoT changes that--and not for the better. To add, many of the devices you'd want to connect to the IoT have lifespans of decades. So, unless we get government action saying that "if you want to make an IoT device, you have to provide security support for 20+ years", we'll end up with pwned thermostats that we can't change, the fridge that now sends spam & doesn't have enough available processing power to turn on the compressor, or that my TV now shows popup ads for hookers, offshore pharmacies selling Viagra, and other ads in front of the kids & I can't shut it off. And all the better when the pwned IoT fridge wants to talk to my non-pwned IoT Smart TV. On top of that, it won't help that the Linux kernel (or Apache, PHP, MySQL, drivers, etc.) it's running on is 20 years old & nobody--except malware authors--has looked at that version for over a decade...

What an obvious clusterfuck waiting to happen... I'm just waiting for a group of early Smart TVs to get bricked because some malware does something to them--and the manufacturer says "not our problem--it's old!" Then people might realize what a Pandora's Box this is...

Comment: Generally, no timers at RLC intersections... (Score 1) 579

by BUL2294 (#47367661) Attached to: Unintended Consequences For Traffic Safety Feature
One thing to note (and this is evil), often the red-light camera (RLC) intersections DON'T have the countdown timers.*** In Chicago, the RLC capital of the USA--with over 200 RLC intersections in the city alone, the vast majority don't have pedestrian countdown timers. In this city, revenue generation trumps pedestrian safety...

***As a driver, in my estimation, less than 10% of Chicago's RLC intersections have pedestrian countdown timers. To add, even in non-RLC intersections, the blinking "DON'T WALK" is shorter in the city than in the suburbs (old people won't make it across if they start to cross right before blinking DON'T WALK), except if the intersection has state-owned property abutting the intersection (e.g. a state university like UIC).

Comment: Re:No airgap? (Score 2) 86

by BUL2294 (#47360471) Attached to: Western Energy Companies Under Sabotage Threat
Yes, but now you'd need someone on-site, at the machine in question or on another PC within the airgapped network, to do their evil deeds. Doesn't matter if I know the password of the machine with the "NOC list" (from "Mission Impossible 1"); if the airgapped PC is physically thousands of miles away and/or I can't get into the site with the airgapped network, then what's the point??? I'm willing to bet some of the passwords on PCs within an airgapped network are "password", "12345", blank, "00000", etc.

And if you're really paranoid or anal, keyboards are cheap to replace -- or randomly cycle different brands/models/styles of keyboards between a set of PCs at random intervals...

Comment: Re:And here I'm hoping... (Score 1) 681

which describes every version from Windows 95 until XP 64-bit edition - can run 16-bit apps.

Wrong. Every 32 bit version of Windows, including the 16/32-bit hybrid Win9x versions, and including Windows 8.1 Update 1, can run 16-bit apps. XP 64-bit cannot run 16-bit applications. That being said, there's a LOT of old code out there, still being used by businesses, that's 16-bit, some weird 16/32-bit mix, or pure 32-bit originally intended for Win9x that has problems. These could be mission-critical applications from some company that went out of business 20 years ago, nobody has the source code to anymore, and nobody has come up with an alternative. For these people, Dosbox isn't an option as it would require 1) a license Windows 3.1x or Win9x; 2) Dosbox 0.74 officially doesn't support running any version of Windows on it--and there are serious limitations for applications that you would run on it (e.g. no SHARE.EXE or VSHARE.386 capabilities).

In addition, there are a LOT of 32-bit applications, mostly written in the Win9x era, that will not run on Win XP/2003/Vista/7/8.x 64-bit or may need cajoling. Specific examples include certain .NET applications (e.g. 32-bit applications that are compiled with the setting to run on the target hardware--which has problems if you use certain data types on 64-bit) and Visual FoxPro. So now we have to run them on their 32-bit equivalents. And even then, that's not a guarantee, even with Compatibility Modes.

Now, I'm all for Win9 being 64-bit only, but improve compatibility for business users with 16 & 32 bit applications--even if that means running a VM within a VM (e.g. NTVDM under WoW on a 64-bit OS). Yes, we can all argue that MS at some point has to let the past be in the past, but there are valid reasons why companies generally load 32-bit OSes on their PCs...

Comment: Re:For Starters... (Score 1) 88

Not necessarily true. Just because you're the 23-year old "CEO" of a small firm employing 25 people making one product or service, doesn't mean you're capable of scaling up if things take off. Sure, it may be fun & games at 25 people, but if you suddenly balloon to 1000 employees, you'll need someone who knows how to navigate all of the following in the business world: shareholders, investors, salespeople, legal headaches, red tape, patent trolls, new products, multi-year plans, security breaches, logistics, accounting, etc. Those situations likely call for such a firm getting acquired--and they should be acquired.

Any firm that experiences exponential growth, especially related to the Internet or IoT, should be acquired...

"The value of marriage is not that adults produce children, but that children produce adults." -- Peter De Vries

Working...