Forgot your password?

Comment: No shit (Score 2) 419

by Sycraft-fu (#48042563) Attached to: Will Windows 10 Finally Address OS Decay?

I've found that there are really no issues with regards to running a new OS for long periods of time. There was a time when regular reinstalls were a part of my regimen but that is long past. I reinstall only when there's a specific need. That doesn't mean I just put up with a slow computer either, I demand very fast performance from my systems. A reinstall just isn't needed to maintain that.

Likewise, components have gotten much better, and upgrades more incremental, so I've found the need to buy new hardware that would necessitate a reinstall to be less.

My guess? This person either has crap on their system that causes issues, or this is just a "magic incantation" they've always done for supposedly better performance without understanding or examination.

Comment: Ahh yes (Score 1) 164

by Sycraft-fu (#48028267) Attached to: Apple Fixes Shellshock In OS X

Everyone should just go and learn C and how to do POSIX programming, attain enough mastery in it to be able to diagnose code for obscure security issues (that have eluded many programmers for years) and then design a secure fix.

And they should do that in a day.

Ya that sounds reasonable.

FYI not only are most people not programmers, and have no interest in becoming programmers, but most lack the kind of brain it takes to be a good programmer. The whole "Oh it is OSS fix it yourself!" argument is a really stupid one.

Comment: No sensible person ever though it was impossible (Score 2, Informative) 164

by daveschroeder (#48027003) Attached to: Apple Fixes Shellshock In OS X

But even here, again, when you look at a typical OS X desktop system, now many people:

1. Have apache enabled AND exposed to the public internet (i.e., not behind a NAT router, firewall, etc)?

2. Even have apache or any other services enabled at all?

...both of which would be required for this exploit. The answer? Vanishingly small to be almost zero.

So, in the context of OS X, it's yet another theoretical exploit; "theoretical" in the sense that it effects essentially zero conventional OS X desktop users. Could there have been a worm or other attack vector which then exploited the bash vulnerability on OS X? Sure, I suppose. But there wasn't, and it's a moot point since a patch is now available within days of the disclosure.

And people running OS X as web servers exposed to the public internet, with the demise of the standalone Mac OS X Server products as of 10.6, is almost a thing of yesteryear itself.

Nothing has changed since that era: all OSes have always been vulnerable to attacks, both via local and remote by various means, and there have been any number of vulnerabilities that have only impacted UN*X systems, Linux and OS X included, and not Windows, over very many years. So yeah, nothing has changed, and OS X (and iOS) is still a very secure OS, by any definition or viewpoint of the definition of "secure", when viewed alongside Windows (and Android).

Comment: News flash for you (Score 2) 194

by Sycraft-fu (#48025247) Attached to: CEO of Spyware Maker Arrested For Enabling Stalkers

If you set foot in a country, they can arrest you for violating their laws. Doesn't matter if you aren't a citizen and live overseas. If you come there, they can arrest you. So let's say you regularly trash Islam and the Ayatollah and are well known for this. Then you travel to Iran. They very well can arrest you for that. They can't do much if you don't go there but if you show up, they can grab you.

Now in terms of if this particular arrest is legit for the American legal system, almost certainly. Doesn't matter that he was living in a foreign country. If he sold something that is illegal to Americans and using American services, he broke American law. Doesn't matter if he wasn't in America at the time, you don't have to be in a country to break their law. Let me give you a couple examples of how one can easily break a country's law from another country:

1) Ordering someone murdered. Let's say you have yourself a little gang with members in a few countries. You don't like someone over in Sweden so you order one of your Swedish members to murder them. That person broke Swedish law, but so did you. Doesn't matter you weren't there, you orchestrated a murder, that's illegal, and if they can get their hands on you you'll stand trial for it (the US would happily extradite you for that).

2) You set up a gun smuggling business for Canadians. You go and buy guns that are legal in the US, but illegal in Canada. You have them smuggled up and warehoused there, and then sell them to Canadians. You've broken Canadian law. Even if you are operating everything out of the US, what you are doing isn't legal in Canada and that's where it is being done. You house the guns in Canada and sell them to Canadians, that makes it a Canadian issue (you'd get extradited for that too).

So if this dude is selling his shit from AWS, to Americans, the courts will have no problems with the claim that American law applies.

Comment: Or put another way (Score 2) 194

by Sycraft-fu (#48025219) Attached to: CEO of Spyware Maker Arrested For Enabling Stalkers

Intent matters in the law. There are things that can be legal or illegal depending on the intent behind it. This can apply to tools as well as actions. If you sell a tool for legitimate uses, you are generally fine even if the tool has some illegitimate uses too. So long as your actions, as in marketing and such, show that you intend it for legit uses, you are fine.

A good example would be all the fine burglary tools for sale at Home Depot. A large number of the tools they sell would work very well for breaking in to houses or cars. However it is very clear that isn't why they sell them, nor why 99.99% of their customers buy them. Not only do the tools have a substantial legitimate use, but that it what all their marketing is about. They don't try to convince you that you need a hammer drill because you could drill open most locks, they try to convince you that you need a hammer drill because you want to put up shelves in concrete or the like. They intend their tools to be used for legitimate activities.

The more shady the product, the more careful you'd better be about how you sell it because the easier it could show intent to have it used for criminal purposes. If it looks like you are just paying lip service to legit uses but really trying to sell your stuff for illegal uses, you are likely to get in trouble.

Comment: They want the court fight (Score 4, Informative) 335

by Sycraft-fu (#48011095) Attached to: State of Iowa Tells Tesla To Cancel Its Scheduled Test Drives

They know this is an issue they'll win in the long run. There is no justification for the states doing what they are doing, they've just been paid off by the auto dealers. Tesla has won every fight about this I'm aware of. So they want it, they want to get this straightened out in the courts.

If you try to do something to skirt the law, you risk it biting you in the ass later. If you get a court ruling saying "You are allowed to do this, the state has to F off," then you are good to go.

Also, you might notice it gets them press. Nothing like looking like the poor trod on underdog to get more people sympathetic to your cause an interested in your product. They go about everything above board, get stepped on, fight back, win, and then get their way, plus good PR.

Have to take the long view on these things.

Comment: Re:Well hang on there (Score 1) 904

by Sycraft-fu (#47999823) Attached to: Miss a Payment? Your Car Stops Running

No kidding. The whole reason there's a time between "due" and "late" is so that you've time to get a payment out and deal with any issues. Hence it behooves you to pay when something comes due, or shortly after, rather than wait.

Like one time I get a call from some business who just got a check from me to them by mistake. It was for my association dues. My bank mails out a cashier's check, at my behest, each month to the property manager. They had done so properly, but the USPS fucked up and sent it to the wrong address. Now this was no issue as I still had 25 days until payment was late. So I called the bank, they voided the first check and issued a new one. Everything got there no problem.

Now had I waited till the last second it would have been ok, I wouldn't have been out of house and home or anything, but it would have been a hassle getting things all straightened out, and I might have had to pay a late fee. Probably not, as they need to be nice to the owners since we hire them, but they would have the right to charge it.

You want to build slack in to your schedule in case something goes wrong, and that applies to finance as well as it does travel or the like. Well, that time between "due" and "late" is the slack.

Comment: Re:Well hang on there (Score 1) 904

by Sycraft-fu (#47996069) Attached to: Miss a Payment? Your Car Stops Running

I wouldn't presume reporters did their job, they rarely do these days. It is amazing how lazy most reporting is. I generally assume when you hear a story with no discussion of it that all they did was get that person/company's story and print it and did no checking. Usually, I'm right in that :P.

Comment: Well hang on there (Score 4, Interesting) 904

by Sycraft-fu (#47995103) Attached to: Miss a Payment? Your Car Stops Running

While I'm not saying we should take the word of the lenders without verification, neither should we take the word of the people who are on the receiving end. They may very well not be telling the whole story. Some people who have financial troubles have them because of their own choices, but they rarely admit it.

I had a roommate like that. He was an alcoholic who wouldn't admit it or deal with it. He continually made bad choices in his life, but would never admit anything was his fault. In terms of finance he never paid things when they came due, he didn't pay until he was forced to. It was "due" according to him when they were about to shut off his service, or the like. So he'd get mad about his cellphone getting shut down when he was "a day late" by which he really mean "45 days past the due date, over 30 days late, and had 2 threatening letters to disconnect."

So before you go jumping to the defense of the people in the article, you might want to see what the terms of something like this is. I don't know, and I'm not saying it isn't a "you have to pay by the second it is due or we shut it off," but it also might well be a normal "It is due on day X, late on day X+15, and we shut it off on day X+20," and the people involved have just decided that "X+20" is the day it is "due".

With regards to #2, where in the US if you call 911 do you not get an ambulance? They are not taxpayer funded, but they are required to take ALL calls. If there's a medical emergency, you'll get transport and treatment, even if you lack the means to pay. That is part of the problem with high healthcare costs (the costs of people who don't pay get rolled in to the people who do) and an excellent argument for universal healthcare at least for emergency treatment.

Comment: Precisely (Score 3, Interesting) 167

by Sycraft-fu (#47979931) Attached to: Now That It's Private, Dell Targets High-End PCs, Tablets

They were mad at Dell because Dell wasn't in Apple's market. Apple was exploding with growth, whereas Dell "only" had a stable market that they did well in. They didn't like all the server sales because that wasn't a growth market with huge margins.

With high end boutique computers would be a similar issue. While margins might be good, volume would be low and would never go up. It will always be a specialty market. Hence not something investors want money being "wasted" on. Doesn't matter there's money to be made, it isn't enough money fast enough with the promise of infinite growth.

Well, sounds like the private investors that own Dell now are a bit more sensible. They realize that there's something to be said for making money in smaller markets.

Comment: He's not actually interested (Score 1) 125

by Sycraft-fu (#47956881) Attached to: NVIDIA Launches Maxwell-Based GeForce GTX 980 and GeForce GTX 970 GPUs

It is AMD fanboy sour grapes. For some reason some people get really personally invested in their choice of graphics card. So when the other company comes out with a card that is substantially better than what their company has, they get all ass hurt and start trying to make excuses as to what it is bad. The nVidia fans did that back when the AMD 5870 came out and nVidia had no response. Same deal here. The GeForce 900 series are a reasonable bit faster than the AMD 200 series, and way more power efficient. At this time, AMD doesn't have a response, so the AMD fanboys are going on the defensive.

The real answer is, of course, buy the card that works best for your usage, which will vary person to person.

Comment: Very much so (Score 1) 287

by Sycraft-fu (#47944575) Attached to: Slashdot Asks: What's In Your Home Datacenter?

I always thought it was an awesome idea to have a bigass set of computers at home... Ya well now I get paid to manage a bigass set of computers professionally and I'd rather just leave them there, thanks. Also there's no compelling reason to want my own servers for the sort of things I do, VMs work so well. I'll just lease one from somewhere, or spin one up at work.

At home, all my gear is related to, well, home use. More than a non-geek would have for sure but no data center.

Comment: Re:What's your suggestion for intelligence work? (Score 1) 504

by daveschroeder (#47938235) Attached to: Apple Will No Longer Unlock Most iPhones, iPads For Police

An oversimplification. The US, UK, and allies variously broke many cipher systems throughout WWII. Still the US benefitted from this.

What if the Germans were using, say, Windows, Android phones, SSL, Gmail, Yahoo, and Skype, instead of Enigma machines?

Work continues in this area. -- DEC's SPR-Answering-Automaton