Forgot your password?
typodupeerror

Comment: Re:We had a distributed social network (Score 1) 224

by IamTheRealMike (#48215593) Attached to: We Need Distributed Social Networks More Than Ello

If you ignore the ability to restrict personal data to particular people, news feed with intelligent ranking that tries to guess who your real friends are so you don't have to upset people who post a lot by defriending them, the ability to tag people in photos, the lack of any need for meaningless URLs and a seamless way of organising events ...... then sure. Facebook is just like the web.

Comment: But disabling GSM when possible is still smart (Score 2) 26

by IamTheRealMike (#48207581) Attached to: Deutsche Telecom Upgrades T-Mobile 2G Encryption In US

GSM (2G) encryption did not authenticate the cell tower, whereas UMTS (3G) and above do. Cell tower authentication should break devices like the Stingray and other forms of fake base station, unless/until governments start forcing cell carriers to hand over the signing keys for tower identities. But as devices like Stingray exist more or less exclusively to get around the warrant requirement and no carrier would assist in that way without a court order, that places the police in the awkward position of asking a judge to write an order than can only be for avoiding the same judges authority....

+ - China performing SSL MITM attacks on iCloud

Submitted by IamTheRealMike
IamTheRealMike (537420) writes "Anti-censorship blog GreatFire has published a story claiming that SSL connections from inside China to Apple iCloud are being subject to a man in the middle attack, using a self signed certificate. Apple has published a knowledge base article stating that the attacks are indeed occurring, with example screenshots of the SSL cert error screens used by popular Mac browsers. Unfortunately, in China at least one natively produced browser called Qihoo markets itself as "secure", but does not show any certificate errors when presented with the self signed cert. Is this the next step towards China doing systematic SSL MITM attacks, thus forcing their population onto Chinese browsers that allow the surveillance and censorship to occur?"

Comment: Re:A rather empty threat (Score 1) 547

by IamTheRealMike (#48189867) Attached to: Debian's Systemd Adoption Inspires Threat of Fork

The problem is that some factions in the non-systemd camp are pursuing systemd "emulation" by using shims and forks. That way you just get a second rate systemd, and it will remove any motivation from upstream projects to support anything else than system. Using Ubuntu's "logind" is a short term gain, but a strategic failure for the non-systemd camp. They need their own implementation of needed infrastructure, not just copying or emulating systemd.

It sounds a lot like the non-systemd camp have no idea what they are actually for, they only know what they are against. So this kind of thing is not surprising to hear.

The "UNIX philosophy" is an empty slogan that switches people's brains off. It sounds great, until you try and build a real system with the features modern users demand, and then it turns in to an exploding nightmare of combinatorial complexity as every program tries to abstract itself from every other program in the name of political correctness. As already noted elsewhere, the programs people use serverside Linux to actually run barely resemble the UNIX command line tools and that's for good reasons ...

Comment: Re: Moral Imperialism (Score 5, Interesting) 470

by IamTheRealMike (#48188407) Attached to: Manga Images Depicting Children Lead to Conviction in UK

Is there really someone so stupid that they cannot tell the difference between a cartoon drawing and a real child?

There appears to be an entire united kingdom whose legal system is populated with such people.

Just FYI, the rule against illegal cartoons exists in the USA too. The Supreme Court struck down attempts to use CP laws in this way as being obvious nonsense, so Congress just went ahead and amended the law to make it explicitly illegal as opposed to implicitly illegal.

Unfortunately a lot of crap like this ends up being brought into otherwise sane legal systems thanks to pressure from the USA to "upgrade" national laws to meet the "latest standards". Japan has been pressured for years to tighten its CP laws, being publicly named and shamed etc - the primary justification for not doing so was fear of false positives. Like this one. And like the notorious cases where two teenagers can legally have sex but not photograph themselves doing it.

Fact is, politicians love being able to say they made the law tougher on paedophiles. It's a sure popularity winner. So it's inevitable you end up with idiocy like this.

Comment: Re:Why the hell... (Score 4, Informative) 194

by IamTheRealMike (#48177859) Attached to: JavaScript and the Netflix User Interface

The JVM is very language specific. For example it has op codes for allocating java objects. A truly cross language virtual machine doesn't have anything anywhere near that high level or specific to a particular language.

Whuuu? The JVM does not have opcodes for allocating "java" objects unless you use a very strange definition of the term - if it worked that way then how could other languages target it? The JVM has opcodes for allocating objects and calling methods on them, including opcodes like invokedynamic that exist purely to support non-Java languages like Javascript, Python, Ruby, etc.

The JVM has a really large variety of languages that target it. It's impressive. There are static languages like Java, Scala, Kotlin, Ceylon etc, there are dynamic scripting languages like JS (using the new Nashorn engine it's only about 2-3x slower than V8), there are Lisp like languages, there are implementations of Erlang and so on. And thanks to the fairly well specified "least common denominator" type system Java provides, code written in these languages can all interop pretty nicely.

If you think the JVM is language specific then I'd suggest looking at Ruby and Kotlin, two very different languages that are not much like Java, yet nonetheless both can run on top of the JVM.

Comment: Re:Identification != Authentication (Score 3) 59

The difference is for authentication for important stuff we have to show up in person with an ID and a real human checks the identity.

For some things you can also use a SuisseID which is just a regular PKI smartcard USB dongle thingy. I have one. After installing the software, you can log in to some Swiss websites by just clicking the login button in the web page. You might have to enter a password and the dongle then signs the SSL session. It's all standards based and the certificate in the hardware is based on your legally verified identity, i.e. you show a passport at the post office and get your personalised stick through the mail a few days later.

Comment: Re:LT LP (Score 2) 387

by IamTheRealMike (#48167515) Attached to: Torvalds: I Made Community-Building Mistakes With Linux

Er, if you ignore things like lack of a stable driver API then sure. Lots of users would have loved one of those.

But Linus encounters fewer problems like that because he has little in the way of vision for what desktop Linux should be. His job is to make a UNIX kernel along the same lines they were being designed 30 years ago. He is largely judged by how tightly he replicates a long-dusty commercial design. Desktop Linux on the other hand has no such luxuries because old commercial UNIX was never a force on the desktop. There, it has to both forge ahead its own path, and also look to competitors like MacOS X for good ideas.

And guess what? The genesis of SystemD bears a strong resemblance to launchd, the MacOS X init system. But because that's not something you would have found in Solaris or AIX, the UNIX "community" throws a fit.

Comment: Re:Always a chuckle (Score 1) 117

by IamTheRealMike (#48153111) Attached to: The Great Robocoin Rip-off

I'm not especially libertarian, but I do not believe libertarianism has anything to say against dispute mediation. Bitcoin itself has the ability to do dispute mediated transactions but it's not fully fleshed out. If it was, and had been used here, a third party could have signed off on the transaction and the money could have been released, only once the machine was delivered and working.

Of course, Robocoin may have chosen not to use such a mechanism because with pre-sales, they are often spending the purchase money to actually build the machine, but that will always be extremely risky.

Comment: Re:Huge spreads on withdrawals! (Score 1) 117

by IamTheRealMike (#48153091) Attached to: The Great Robocoin Rip-off

Well, except, you know, running an bitcoin ATM in a shop is about a million times easier than getting a full blown banking license. Right now they often charge very high spreads because there's a lot of risk involved and the machines costs have to be paid down. But in theory there could be quite a bit of competition, given friendly governments and a long enough time horizon.

Comment: Re:Just tell me (Score 3, Interesting) 463

by daveschroeder (#48152325) Attached to: Positive Ebola Test In Second Texas Health Worker

No, it didn't. It was "some sort" of droplet transmission by monkeys in adjacent cages.

That is NOT -- repeat, NOT -- "airborne" transmission.

And no, it didn't go through the ventilation system; it was later learned that sick monkeys sneezing while they were being transported past well monkeys did indeed transmit the virus in this case.

It was also a completely different strain than the one we are talking about.

Airborne transmission occurs when an infectious agent is able to cling to particulates in the air and ride air currents for significant amounts of time, over significant distances, through ventilation systems, etc., long after the infected person who expelled the virus is no longer in the area.

Droplet transmission is NOT "airborne" transmission. It is projecting bodily fluids directly onto a well person in close quarters...usually less than 3 feet, but under optimal conditions, perhaps further. That is still not airborne transmission.

Furthermore, coughing/sneezing is probably one of the least effective ways to spread Ebola, even via droplets. Blood, feces, and vomit are the primary ways this will be spread. Yes, virus "could" be in saliva, mucous, semen, etc. But that's not the primary way Ebola spreads.

Airborne transmission would be very bad, but the Ebola virus is too large to spread this way. It would have to shed about 75% of its genome to be small enough for airborne transmission in sub-5um droplet nuclei that could ride on particulates. And if it did that, it wouldn't be "Ebola" anymore -- it would be something very different; perhaps still deadly, perhaps not, and so much different from what we are talking about right now that it is next to meaningless to discuss.

So, in closing: no, Ebola is not airborne.

Comment: Re: Why..... (Score 2) 259

by IamTheRealMike (#48147735) Attached to: "Double Irish" Tax Loophole Used By US Companies To Be Closed

This is not about the "sales tax" (VAT in EU) which is typically assessed and paid in a defined jurisdiction where the sale occurs.

..... until January. It appears our glorious leaders in the EU have decided that they weren't getting enough VAT because people sell things out of low tax jurisdictions (how dare they), so now VAT on various types of digital products and services e.g. online software sales or e-books get to pay tax based on the jurisdiction of the buyer, not the seller. So if you sell software in the EU now you have no choice, essentially, but to hire an expensive middleman who handles the nightmare of filing VAT returns in every EU state. Plus you need to be able to track exactly where your customers are for tax purposes. Effectively people would get a discount for buying through a proxy so god knows how this will be implemented. Total nightmare. All driven by the desire for ever more tax.

"Don't discount flying pigs before you have good air defense." -- jvh@clinet.FI

Working...