Forgot your password?
typodupeerror

Comment: Re:Surprise! (Score 0) 97

by plover (#47521775) Attached to: Internet Explorer Vulnerabilities Increase 100%

Samzenpus has always been a crappy, insecure editor who doesn't adhere to journalistic standards of integrity.

Color me unsurprised.

He's always been shit, and most of us keep reading as the site of last resort for nerd stuff which survived a long list of crappy, untrained editors who don't adhere to standards.

Piece of crap.

Slashdot has long since demonstrated they couldn't write a decent article if Rob Malda's life depended on it.

In fact, some day I home Anonymous Coward's life does depend on /..

See what I did there?

Go read The Fine Article before spouting your nonsense.

Comment: Re:Makes Perfect Sense (Score 2) 52

by plover (#47509193) Attached to: AirMagnet Wi-Fi Security Tool Takes Aim At Drones

I think this is almost entirely a publicity stunt. It's easy to detect the manufacturer's OUI, and they're already selling a device that examines WiFi traffic, so why not add a signature for the Parrot? It costs them almost nothing, and it's kind of attractive in a faux-nerdy marketing person way. The salesman can use it to joke with the CIO when he's trying to sell them. The engineers will roll their eyes. but the executives will think they're doing something useful.

The real question is if detecting R/C signals is worthwhile. Parrot's WiFi control is only one of many possible protocols they could use on the 2.4 spectrum, and there are many other bands available to R/C owners. If R/C is a real threat, they need to detect them all. Otherwise, their existing software to detect rogue access points is probably more important than identifying specific toys.

Regardless of the technical merit, I think the marketing value is probably more than valuable enough to keep the rule around.

Comment: Re:Isn't this Apple's entire shtick ? (Score 1) 289

by plover (#47502417) Attached to: Why My LG Optimus Cellphone Is Worse Than It's Supposed To Be

All components have a cost, including the software. Let's say LG can include CrapKeyboard 1.0 for free, and GoodKeyboard 3.7 for $0.05/unit. Guess which one they're going to include?

Yes, phone pricing is broken down to that level. The cost of the supported software is a lot higher than the cost of the no-longer-supported software, because they're still paying the developers to support it. As long as CrapKeyboard used to work at least halfway decently (and it must have, because it was in the old production line), throw it in there.

It's a pretty simple explanation, actually.

Comment: Re:Hindsight's twenty-twenty (Score 1) 161

by plover (#47487155) Attached to: Microsoft's Missed Opportunities: Memo From 1997

Of course they were failing. They were failing in 2011, and they knew it, and in case they didn't know it, their CEO told them so. Go re-read their CEO's Burning Platform memo in case you had forgotten how badly they were doing.

In 2007, Apple stepped in and not only did they define a new high-end smartphone market, they owned it, and shared it with nobody. Nokia went from sharing the top-of-the-line smartphone market with Blackberry to a middle-of-the-road smartphone company, and they did it without moving a step. About a year later Google delivered Android, which redefined and then completely dominated the low-end smartphone market. Meanwhile, Nokia delivered nothing new. Nothing. They feebly tried to do something with Maemo (and later MeeGo), but couldn't even ship it. This was about 2009. And Android makers didn't stop there, either. The Galaxy S (as you mentioned) came out in 2010, pushing the out of the low-end smartphone market into Apple's market, and that was the herald for Nokia's decline. In 2010.

Meanwhile, MediaTek had shipped a reference design for low-end phones in 2008. Any plant in Shenzhen could now produce a cheap handset for about $10, so they did, filling shipping containers with the cheap phones that have become ubiquitous in the developing world. Nokia couldn't ship a cheap phone for twice that price. When you're buying cheap phones, you're going to pay the lowest price - so the cost-conscious consumers immediately abandoned Nokia's low end.

All this happened from 2007 through about 2010. Elop's memo came out in 2011, just after Android sales had exceeded theirs for the first time, signalling the end of Nokia's relevance in the marketplace. Nokia's marketshare continued to decline, as they shipped nothing noteworthy. By last year, Nokia was barely remembered as that company that used to make phones before iPhones came out.

Microsoft drove them into the ground at high speed.

That is completely wrong. Microsoft bought them in September of 2013. According to my calendar, that was last year. "Failing" is a polite word for the dire straits Nokia was in at that time. Microsoft didn't drive them any place they hadn't already gone themselves. Perhaps you're confusing the sale of Nokia with the agreement Nokia made to adopt Windows 8 for the cash they needed to keep the lights on. Nokia had already failed to deliver Maemo, which had been in the works since before the introduction of the iPhone. Nokia was incapable of delivering a smartphone OS. They had four years and couldn't do it. MeeGo might have eventually done something for them, but it would have been an even smaller market than Microsoft could deliver.

Let me repeat: Nokia needed Microsoft's cash just to stay in business, back in 2011. That is not the sign of a healthy company.

All that and I still have to say the Microsoft phone is not a terrible device. Nokia put a really nice camera in there, the battery life is good, the screen is clear, and the device is really well made. But the Windows app store is sadly lacking, and Cortana is certainly not yet at the caliber of Siri. It's still just an also-ran in the phone market.

Microsoft had nothing to do with Nokia's decline. Nokia did that to themselves by standing perfectly still, while the entire market passed them by on both sides. Microsoft just picked them up for the scrap value.

Comment: Re:Hindsight's twenty-twenty (Score 5, Interesting) 161

by plover (#47479401) Attached to: Microsoft's Missed Opportunities: Memo From 1997

Microsoft has done some really brilliant things as of late. They've wholeheartedly adopted automated testing for everything. I don't know if they have any product teams that aren't Agile, or aren't doing test driven development. I recently asked a product manager about his product's defect backlog, and he shot me with a cold stare: "We don't have any known defects in our product. As soon as a bug report arrives, the entire team drops what they're doing, and within 15 minutes a developer is working on repro'ing it, and it's fixed within a day. These are very rare occurrences." This was for a million line shrink-wrapped product.

Although it's taking them a long time to turn their teams around, Microsoft finally knows how to engineer code right, and they are quite willing to share with anyone willing to listen. But too many of their clients don't listen, too many of their vendors and suppliers don't listen (driver bugs, etc), too many of their own internal teams are still dragging legacy code bases forward, and they still have a long history of bugs that we all remember. Another problem they have is economic: their primary competition is their old products, like Office 2007, which are good enough for most businesses and students. They really want to get everyone on their Azure cloud, using Office365, live, OneCloud, and to rent computing resources from them, and that's driving a lot of their products in an unnatural direction for their consumers.

Their marketing people haven't helped. Windows RT? Really, they had to emulate Apple's walled garden? The closed iOS ecosystem is about the worst thing Apple ever did to their customers, The Apple tax sucks 30% from every dollar spent on the platform, and there's virtually no escape. And because we all know it sucks, we won't willingly jump into it again - so Microsoft loses even more.

Their forays into other platforms have been abysmal: Ford's SYNC is a crime against drivers. They bought a failing phone company for their hardware, turned out walled garden phones, and nobody showed up. Their previous attempts at embedded systems make people WinCE. And because they start everything out as closed source, and try to contain their own stuff, they see every product as a battle entering competition to the death, instead of an opportunity to cooperate. That got them a long way, and made them a lot of money, but now there are good alternatives, and nobody gives a damn anymore. The stuff they're producing now will all be too much, but way too late.

Comment: Re:And then throw it in a fire (Score 1) 91

I don't think you considered the depth of the question: what is the risk? Could your device contain credit card information? Could it have your social security numbers? Could it have a way to access your bank account? Your retirement accounts? Your brokerage accounts? A lot of your personal finances could be at risk. Are you wealthy enough to be worth kidnapping, and if so, could the device provide access to your family's panic room, or to your alarm system? What about medical information? Assign dollar values to those (it's certainly nebulous, but you want to end up with some kind of estimate) and add up your overall potential for loss. Now, divide by the likelihood your device will be compromised - you might estimate that tens of millions of devices are recycled each year, and you might figure a hundred thousand are handled by people who would like to steal from them, giving you roughly a 1 in 100 chance of having your device compromised. Would you bet the information above on those odds for $300?

Maybe you don't think you have very much worth stealing. Perhaps you're young, and don't have a retirement account, and not much in the bank, so your financial risk is only $1,000. Maybe you don't see any risk at leaking your health data. And maybe you're supremely confident in your abilities to wipe the flash RAM. Good for you, take the $300 and spend it. For you, it's a solid bet. For those of us with more at risk, it's not such a sure thing; even if I am confident in my skills at wiping these devices, what if I make a mistake?

Comment: Re:srm -v -z (Score 2) 91

Well, it confounds it at any rate. But completely filling the device's memory 33 times in a row is pretty likely to overwrite everything at least once or twice - even the hidden "failure reserve" space if it's included in the wear leveling (and if it's not, then it doesn't yet hold any sensitive data, so there's no problem). Guttmann's values may be irrelevant to today's storage media, but that many repeated rewrites of anything still mostly does the job.

If you were an engineer in charge of destroying data printed on paper, and you decided on shred then burn then stir the ashes in water, how many times would you repeat the cycle in order to be sure the data was destroyed? Hint: if your recommendation is greater than one (in order to be pretty sure), check your job title, because you're probably Dilbert's pointy-haired boss.

Drives today work almost nothing like the drives of 20 years ago. They don't paint bit-bit-bit in a stripe, they encode a set of bits in every pulse of the write head. Alter it a tiny fraction, and it becomes a completely different set of bits, one that error correction won't be able to overcome.

Old disks were recoverable because the mechanisms weren't precise, and the data was written with big chunky magnets to assure it was readable. All that slop has been engineered out on order to achieve today's remarkable areal densities. One overwrite is all it takes - as long as you're overwriting it all.

Comment: Re:And then throw it in a fire (Score 4, Informative) 91

This.

What is the value of a used device? Compare that to the risk of the data on that device going to a malevolent third party.

I've had people saying "oh, look at all these hard drives, you should totally sell them on ebay and I bet you could get $10 apiece for them!" Adding up the time I would waste running DBAN or sdelete or whatever, and keeping track of which ones have been wiped, and double checking to make sure everything is really gone, it's not worth the time.

A big hammer and a punch, driven deeply through the thin aluminum cover and down the platter area, takes about a second and leaves nothing anybody would bother trying to recover. You can quickly look at a drive and say "yes, this drive has been taken care of", or "hey, there's no jagged hole here, this drive isn't destroyed." The aluminum cover contains the shards if the platters are glass. I don't care who handles them after destruction. There's no worries about toxic smoke. And if you have to inventory them before shipping them to a recycler, the serial numbers are still readable.

Smashing a phone wouldn't destroy the data on the chips, so a fire is a somewhat safer option.

Truly simple systems... require infinite testing. -- Norman Augustine

Working...