Forgot your password?
typodupeerror

Comment: Re:Every week there's a new explanation of the hia (Score 1) 370

by Jane Q. Public (#47734545) Attached to: Cause of Global Warming 'Hiatus' Found Deep In the Atlantic

You've written multiple long-winded posts about how the Greenhouse Effect doesn't exist. Are you recanting those statements?

I've written multiple detailed comments to other people about specific claims about the science. If you wish to interpret them as saying "the greenhouse effect does not exist" that is your business, but it is not quite what I said and not what I was thinking.

Comment: Re:Every week there's a new explanation of the hia (Score 1) 370

by Jane Q. Public (#47734529) Attached to: Cause of Global Warming 'Hiatus' Found Deep In the Atlantic

That being the case, you may thank me for the educate I gave you on the topic that led to you changing your mind.

You didn't "educate me" about anything. Fourier's own writings make it clear that he initially believed De Saussure's apparatus warmed via trapping of radiation, which we know today to be false. It worked by preventing convective cooling... just like a real greenhouse does. No "trapping of radiation" was involved... which we KNOW from hundreds of years now of observation of real greenhouses. Yes, I'm saying Fourier (at the time he wrote those notes) was wrong.

He later postulated that gas in the sky could work via a similar mechanism, holding energy by trapping radiation. However, he correctly noted that the effect in the atmosphere would not be the same, because it includes convection. The problem with this idea is that the first effect -- the radiation trapping -- did not occur at all (we know this from real greenhouses).

The point of the particular comment which you linked to above was not that the greenhouse effect does not exist (that's a different discussion). The point was that the "physics" it was based on was an incorrect conjecture by Fourier about De Saussure's apparatus. The effect did not exist in De Saussure's apparatus. All of the temperature is accounted for by absorption by the blackened cork, and lack of convective cooling.

You then go on to state that if there were no radiation trapping, all the radiation would go straight off to space and the earth would be very cold. But if you really believe that to be true, I suggest you look up how long it takes lunar regolith (in no atmosphere) to cool entirely by radiation once it rotates out of sunlight. You're in for a very big surprise.

Comment: Re:Every week there's a new explanation of the hia (Score 1) 370

by Jane Q. Public (#47734331) Attached to: Cause of Global Warming 'Hiatus' Found Deep In the Atlantic

ENSO has no long--term effect on climate. ENSO is a short term variation.

This is completely irrelevant to my point, which was not about the total energy budget.

THE PURPOSE of models is to do forecasting. So far, no models can accurately project the behavior of ENSO. Now we have a proposed cycle that supposedly drives or at least overwhelms ENSO, but is equally unpredictable. At least so far.

If the model can't forecast not just ENSO, but a larger cycle that supposedly drives or overwhelms ENSO, then the models are that much LESS useful for forecasting.

Get it? I made no comment about energy either staying or leaving. Conservation of energy is not relevant to this point.

Comment: Re:Free market (Score 1) 220

by Jane Q. Public (#47734225) Attached to: When Customer Dissatisfaction Is a Tech Business Model

The free market has taken care of it. Good customer service is expensive. Consumers have demonstrated that they are unwilling to pay additional money for good customer service. Successful companies have aborted customer service to keep prices low.

What kind of fantasy world do you and GP live in?

In order for the free market to take care of it, there has to be a free marker. There isn't. It's effectively a monopoly.

And that's why OP is also just so much garbage. This isn't anything "new" here. It's the same old shit monopolies have always done, once they realized they were monopolies.

I'd think your, and GP's, comments would be funny if they weren't so dangerously wrong-headed. Blaming monopolistic behavior on free markets is like blaming ISIS on democracy.

Comment: Re:tl;dr (Score 1) 79

by vux984 (#47733761) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

Although I agree with you in general, the thing is that you need to think of what the effects of a false positive are. Imagine starting up your game of solitaire and then seeing a Gmail-like login window.

I'm not an android dev.. but on platforms I do write for, any app can determine the name of the foreground process/task.

So the worst that happens, is an oddly timed credentials box for the app you WERE using. That's going to set off far fewer alarm bells than you would think.

Comment: Re:tl;dr (Score 1) 79

by vux984 (#47733527) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

Everybody knows that 'carefully designed timing' and generalisable match very poorly.

Agreed -- however, a visible glitch or hiccup would that really set the majority of android users on guard? I'm skeptical.

Honestly, the entire timing element is almost superfluous; for a large number of users simply throwing up a fishing screen while they are IN another app would garner high success rates.

Launch gmail app... Popup "connection to server failed", "please enter username password". It would be horrifying to see how high a success percentage that gets you."

This attack is impressive in that it generates 98% success rate at detecting and invisibly injecting its phishing screen 'just so'. But honestly -- they'd probably snatch a shocking high portion of credentials simply timing the popup to coincide with 1-2 seconds after a given app starts for a large number of apps.

Granted the sophistication of a finely tuned and well crafted attack would mean even I'd fall for it without being any wiser, and it enables them to go after some more complicated apps, in more complicate scenarios. And yes, a finely tuned profile using knowledge about the particular model of phone, and particular application set etc are required for to pull it off.

But the reality remains that the low hanging fruit (dumb users + easily predictable apps) is going to be very easily harvested.

Comment: Re:Blast from the past (Score 3) 79

by vux984 (#47733231) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

Memory allocation is still controlled by the OS. (At least insofar as apps request memory from the OS, and release it back to the OS).

Normally, an app would have no need to know what another app was doing with memory. However, the instrumentation for another app to track the memory usage of another app exists and is not restricted to elevated / trusted apps.

Clearly it should be.

I can't honestly imagine what a regular app would need this for anyway. Its very much a 'task manager' or 'debugging tool' class of information - and only developers and system level apps need this information.

That along with the fact that apps should not be able to pre-empt eachother and go into the foreground on their own. (iOS apps for example, apparently can't pre-empt; unless they have exceptional permissions (e.g. sideloaded by developers or enterprises or if the device is rooted/jailbroken) so on ios even if the app can determine the app activity, it won't be able to prempt it with its phishing screen.

Comment: Re:tl;dr (Score 3, Interesting) 79

by vux984 (#47733097) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

An immediate work-around would be to randomly place the log-in screen within a pre-determined area such that the hostile app would be unable to immediately overlap it. The double image will tell the user something is wrong.

The double image will tell the user something is wrong.

How is that a work around?

Its a phone. The login 'window' is going into a 3" to 5" space and is full screen in nearly every implementation. The 'popup' that the hostile app preempts simply covers the whole screen.
All in all not a particularly powerful attack vector.

Quite the opposite. Its a very powerful attack vector; and given the surprisingly good ability to time the pre-emption a very dangerous one.

Comment: Re:The real crime here (Score 1) 406

by Jane Q. Public (#47732999) Attached to: 33 Months In Prison For Recording a Movie In a Theater
I'm not disputing what the "real crime" is here, but here is the source of the injustice:

According to many studies over 15+ years, the vast majority of downloads are people who never would have paid to go see the movie in the first place.

Accounting for this, then: if 700,000 downloaded the movie, that probably means (very roughly) 700 lost ticket sales. If a ticket sale is £5 (five pounds if Slashdot doesn't reproduce that character correctly) then after all was said and done, the movie studios might have actually lost about £700 total.

They can't try to claim they lost the whole office box price for every download. That's so overblown as to be nothing more than a bald-faced lie.

Comment: Re:Blast from the past (Score 5, Informative) 79

by vux984 (#47732993) Attached to: Researchers Hack Gmail With 92 Percent Success Rate

Blocking access to the memory space of other processes has been a solved problem since timesharing in the '60s and '70s, right?

Sure it was. That isn't what is happening though.

Its not accessing the apps memory itself. Its accessing the shared memory *statistics* of a process.

Then its using pre-calculated patterns of the shared memory usage (presumably allocation order, sizes allocated, NOT the actual memory contents etc) to guess what the user is doing in the other app. Then, when it detects a pattern that corresponds with "I'm about to log in" it pre-empts the app with its own phishing login screen skinned to look like the original. The user is -expecting- a login screen to popup, and one that looks right does... so they enter their credentials.

I assume they...

All your assumptions and proposed solutions were completely wrong.

The solutions are:

a) to remove untrusted apps ability to monitor memory USAGE statstics

b) to remove untrusted apps ability to pre-empt the screen.
c) better permissions controls and better CURATION limiting
d) it may also help to let apps enter 'critical sections' that cannot be preempted by other apps (?)

Suburbia is where the developer bulldozes out the trees, then names the streets after them. -- Bill Vaughn

Working...