@edps
Forum Replies Created
-
AuthorPosts
-
In all matters financial there are elements of both luck and timing, backed by sound judgement.
When buying a house, remember location is everything, but of course finances, work and commuting set limits on what can be done. This article has some tips that look to be reasonable advice on spotting good locations near the start of their price growth curve. You can almost use the opposite to spot the future dogs. You can get a lot of area data from places like the Office for National Statistics or Police Crime figures. (You might have to wait a while to get a good return in London’s Stratford, but trend the crime stats and when they start to fall as this could be a good time to speculate! The ones who did this in London’s Islington made a fortune.)
… Making it illegal won’t stop the bad boys.
Unfortunately this applies to every facet of Modern communications – the really ‘bad boys’ are funded by the oil sheiks and/or criminal activities. As a result they have deep pockets to fund research into ways to evade Government surveillance. The only ones ‘caught’ are the relatively innocent, and the consequence is that the Government wastes megabucks on processing irrelevant dross.
You could TRY a mortgage calculator and see what that shows. Like Dave & Richard I paid off my mortgage as soon as I had built up enough loot during my Middle East sojourns so I’m afraid I cannot test it for you.
Because the people with the power to stop it are clueless about such things. Bear in mind that governments want even less security so they can protect us from pedophiles and terrorists.
+1 – Unfortunately Governments have been at the leading edge of ensuring that PCs and IoT devices have less than stellar intrusion proofing. Even now we cannot scan for malware that uses certain vulnerabilities which are also in use by Governments or Police forces. A/V companies agree (or are forced) to white list these, even while the same exploits are being used by crooks.
Some of the most dangerous of the Linux exploits follow unexplained kernel alterations, for example the numerous unexplained Cisco OpenSSH vulnerabilities that have compromised countless routers gives more than ample grounds for suspicion with respect to their origins.
The problem is that the IoT encompasses a broad range of electronic equipment. The items include not just the (cretinous) ipcamera enabled vibrator and talking toys, but now covers devices without which the modern world would barely function. e.g. all routers and intelligent switches, hospital/healthcare, ecus in cars, industrial automation and so on. The list is endless. (link to examples).
Although your original point on the need for security was well-made, it is just too late. For good or ill the genie is out of the bottle. All we can hope is that the next generation of SoCs learns these security/update lessons and that the evil, stupid barstewards in Governments do not compromise such moves through their desires to snoop on everything the public does.
… should these devices really be let lose without some guardhouse function interfacing them to the rest of the world? Many of them are very cheap devices right out of their depth in today’s world of threat and ever changing menaces. I am starting to think that some form of minimum construction standards might been to be set as there are with electrical devices, cars, trucks, etc. If governments cannot bring them selves to do something I can see the likes of the insurance industry starting to take a look via liability clauses and the like, do this, or introduce that and your cover is blown.
Richard the problem is that the horse has already bolted. There are literally hundreds of millions of routers, intelligent switches, TVs, microcomputers, ipCameras — you name it. Almost anything with a vestige of intelligence that are already in daily use. Most of these devices are operated in complete ignorance that they have a cheap eLinux SoC at their heart. Many indeed have no obvious way to root them and change the manufacturer assigned password. Contrary to your dissertation that things are too easy to change, I believe that these ‘idiot-user-hidden’ devices are in fact the really dangerous ones as those with evil intent (be they Mafia or Nation States) have deep pockets to develop hacking attacks and unalterable Admin/admin name/password combinations are as common as muck.
I fear that many of these devices are sitting in MoD (or equivalent) facilities just awaiting the remote activation code telling them to crash & burn. As a country a stupid penny-pinching tech-ignorant Government sold-off our secure chip manufacturing industry years ago. I shudder to think just how many defence components now contain Chinese-made SoCs.
Actually Dan there is a hardware problem caused by eLinux and the hardware manufacturers. A lot of the cheap Chibay devices use a years-old version of eLinux pre-burned onto a SoC- why they do not update I don’t know but suspect version control of their own firmware is an issue. Why these little devices do not autoupdate is yet another issue, but there are practical limitations to a hardware format that is built around sdcards as storage. This thread discusses some of the practical difficulties of trying to implement an auto-update regime.
The net result is that the first line of defence is thrown at the user, often without them even knowing that they have the problem. So I guess you could paraphrase the problem as Linux being too complicated for the average user, and they should not be allowed to even use a router without sitting through a training course. :wacko:
.
If you use a mortgage broker the position can even be worse than that outlined as they take their pound of flesh very early on.
The really bad situation comes for those who have an interest only mortgage as they can easily finish with nothing just as they are retiring. They take a huge gamble that the value of the property will rise sufficiently to pay off what they owe and leave enough to downsize. Sadly, those who took that gamble 30 years ago have been very badly burned and may even owe money as their mortgage matures.
Richard, there are easy ways to fix this issue. I have seen some IoT hardware open on the set Admin password and refuse to go any further until a new Admin name and new password were set.Sadly the Chibay stuff comes with set passwords that are hard to change, and even the Raspberry Pi does not enforce security.
A first log-on script could easily make that password 8+ characters including lower and upper case plus number and special character. Or ask some simple questions and tuen it into a password for the user.
If you want to skip a lot of updating you can jump the install straight to the developer version that will be released next week.
Ars has the details.
I independently tested this before seeing it in Ars as I had a ‘stuck’ Insider version. Often these can be a real pain to unstick, but the upgrade worked like a dream with nothing lost including the 32bit program suites I have installed for test reasons e.g. Windows Office 2007 etc.
According to this, only Windows Store games will get any real benefit.
Looks like the sort of nasty DRM you get from Ubisoft will be a killer, I do not normally associate id with carp drm, but times change and Betesda released it. Some programs may need a patch – I know for a fact that Stardock issued a WindowBlinds patch specifically for the Developer Release.
I’m more of a Swingles Keyboard classics or Electronica type of person, but Music is like Brexit – most people have their own firmly held views.
Music takes many forms and can even provide a suitable accompaniment for political events!
“…need a bigger, stronger armed forces in the future”
Maybe — I would be far happier with a military fine tuned to support purely UK objectives and ignore the impositions of the US.
Dump Cold War, Armageddon weapons like Trident, but keep nuclear tipped cruise missiles as insurance against madmen and evil Mullahs. Dump Flying Turkeys and invest in a cheaper more effective cloud of drone fighters. More close support weapons (especially drones), and better equipment/protection/robotics for the PBI. Put the Navy in small boats, cheap drone transporters (container ships will do) and logistics support for the PBI. The days of hypervelocity cruise missiles has resulted in all capital ships becoming a waste of money and lives.
I would add new investment in countering computer and infrastructure vulnerabilities. This may take a wodge of cash as I am very distrustful of electronics built around foreign chips where we do not have a clue what micro-code has been hidden away awaiting a triggering instruction. Invest in new economic weapons*. Bridge the funding gaps from Trident savings and scrapping the Lightning II.(F35).
*Might for example be a new form of Stuxnet or even simple ways of bringing down electrical grids on a country wide basis – EMP weapons minus the nuclear blast?
I somehow think an official report from Dr Michael Gilmore, the Director of Test and Evaluation for the US military holds more weight than fluff put out by the MoD to cya on their carp decisions.
I do not think there are two sides to this situation other than perhaps some of the US problems (such as their neck-snapping Bone-Dome) are specific to US mods and kit. Maybe also our ejector seats do not potentially kill pilots who weigh less than 40 kilos.
The problem I have with it is that the typical way of training a neural net is that you have (say) a fuzzy out of focus pic of a scene and a good well focused pic of the same screen, you then convolve the fuzzy pic using a zillion different convolution matrices and rate the best matrix fit. Rinse & repeat for a zillion different pics. That trained convolution matrix is then the one that is used in the production run. I could not identify that sort of process going on within the training routine. One day I will have to reread that part of the program to see what it is happening.
The final word on the US version of the Flying Turkey was appropriately published on April 1st! link
El Reg has a synopsis that in effect states that the F35 can barely fly, and is certainly not much use as a fighter.
Maybe the US should now compensate the UK by funding a new type of Harrier perhaps a Goshawk!
I had similar experiences to you. Nice idea, shame about the output!
I could not work out the basis used for their training pictures. I think the flaw was probably in the way they paired low and high resolution pics of the same scene.
I just had a thought, I have a separate PC with its own nic/separate domain(not sure that is the right word – unlike my ‘normal’ addresses on 192.168.x.x etc this PC is on 10.x.x.x. )I use this for the untrusted hard wired ip cameras. It has a broadcast wan mode so I can use this from my normal network to view the cameras. If I used the second PC to set up its own wifi hotspot would that be a safer way of connecting the Smart TV?
Thank you, that will take some time to appreciate. It does sound like the law of unintended consequences biting the backside of those who let it come near to them. The question then becomes how hard does it really bite?
‘Unintended consequence’ — that may be a charitable statement considering that this flaw was demonstrated during the draft consultation phase for the spec! Conspiracy theorists may have a different view. :scratch:
To be honest, at the moment (assuming you are not of interest to the powers that be) then there is almost certainly a zero impact on personal security around the home.. Widespread dangers are however on the near horizon and I do not know if they can be fixed at the firmware level.
As you earlier pointed out the ideal would be to put such devices on a separate (untrusted) domain. I do this for my (wired) ip cameras, but I would not have a clue on how to do this for my idiot-proofed Smart (dhcp wifi connected) TV. I think that may need at least a TV software fix. Any ideas Dave?
Colour it great! :good:
Nice one, thanks Lee.
Thanks. While you are there could you see if it possible to change the spell-checker to UK English? I’m fed up with seeing colour underlined as a mistake. (It does not appear to be a browser setting as I already have my Firefox browser set to display UK English, but maybe I need to change something else).
-
AuthorPosts