@edps
Forum Replies Created
I would certainly echo going for a larger monitor. For me a 28 inch monitor at arms length results in the screen edges just being on the peripheral vision fade point. Ideal for games such as Skyrim or Witcher.
Colour and resolution are personal preferences and a trade off with price. Colour was and is extremely important to me so I went for a full 4K monitor. There may be better spec/price combos now but at the time the Asus Pb279Q hit all the targets for me. (Pre Brexit it was a LOT cheaper too!)
The downside to 4K is of course that you may well have to buy a new GPU to get all the benefits. (They will still work at lower resolutions/fps however).
According to the research paper, the core problem goes a bit deeper.
“In the attempt to bring modern broadband Internet features to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid Broadcast-Broadband Television (HbbTV), which allows broadcast streams to include embedded HTML content which is rendered by the television. This system is already in very wide deployment in Europe, and has recently been adopted as part of the American digital television standard”
In the context of the research paper I read this as saying that the ‘door-opener’ to local user access is an inherent part of the standard!
“… To create an autostart broadcast-dependent application, the broadcaster includes in the MPEG transport stream an additional application information table (AIT) describing the broadband-based application, then references this table in the program mapping table (PMT) describing a certain TV channel. The HbbTV specification defines two possible ways of providing the application’s actual web content (i.e., HTML pages, images, and scripts). One way is to have the AIT include a URL that points to a web server hosting the application.”
Put simply this gives the ‘broadcaster’ local user access privilege, and of course the same for any LAN/WAN connected device. Whether this gives ‘root’ to the TV depends as said on the TV/device’s OS patching. However generally speaking gaining local user access is more than half the battle for a hacker, local privilege escalation bugs are relatively common. However in the context of gaining local user access to the household LAN such an exploit is at best a moot question!
The time to get really worried is when you read that a Software Defined Radio (SDR) has been hacked to generate DVB signals in the UK spectrum, as that is when BlackHats will start cruising neighbourhoods. Next week maybe! link
Until then we need only worry whether GCHQ has gone to the dark-side.
[edited to remove some funky line-breaks in the quotes]
I found a more straight-forward reference to the Pi boot state which also covers the very different functionality of some pins between the various Pi incarnations. I needed this for an Adafruit Pushbutton power switch which incorporates an off/kill function that kills everything when it goes high. I therefore needed a gpio that would be low at boot state and stay low until otherwise programmed.
You will also find this particularly useful for wiring up some of the very small Pi screens (<3 inch) which came out in the early Pi days.
Smart TVs have a browser, so have all the benefits and insecurities that go with it. I think securing Smart TVs is non-trivial as they normally use a wifi connection to the router and seem to default to DHCP. Probably the better way of securing them would be to label them non-trusted in firewalls.
I have never seen the code-base for Firestick but I would be reasonably surprised if it does not conform to the code used in Smart TVs so it probably has the same inherent vulnerability of any IoT device – it uses an ancient unpatched form of Linux and it connects to the Internet.
Not quite the same Richard. The number of homicides is roughly 20% higher, 2010s versus 1960s. (Government stats).
The ‘why’ is probably a bigger question as National Service was pretty much already over in the 1960s, so that hoary reason cannot be used. Booze is probably cheaper and stronger than it was back then, so that may be a factor. That said, most murders, both then and now are family affairs.
Unfortunately Government stats do not allow you to delve too far into the details to be able to draw meaningful comparisons for young adult crime.
Richard, I think it is getting to be pretty difficult to buy non-Smart TVs.
a) The public want them – so that is what vendors stock (roughly 50% are ‘smart’ at the moment.) The public want a Smart TV as British TV is fairly dire so people watch Netflix etc via their Smart box.
b) The manufacturers are getting additional revenue streams from selling or pushing services etc.
Agreed, it is more of a pain for <span style=”text-decoration: underline;”>underline</span>.
I know a couple of seemingly well educated people in Manchester who think that restricting immigration applies to ALL immigrants going way back to the time of the ‘Uganda Asians’! There was a worrying racist undertone to a significant portion of the Brexit vote.
Richard, it is in the article:
” … the attack gave Scheel the ability to remotely connect to the TV over the Internet using interfaces that allowed him to take complete control of the device. The infection was also able to survive both device reboots and factory resets.”
and their referenced earlier paper:
“…. our findings are significantly broader than the specific devices that we used in our analysis; indeed, any future device that follows these specifications will contain these same vulnerabilities. Exploiting these vulnerabilities, an attacker can cause many thousands of devices to interact with any web-site, even using any credentials stored in the TV sets for accessing services such as social networks, webmail, or even e-commerce sites. This capability can be leveraged to perform “traditional” attack activities: perform click-fraud, insert comment or voting spam, conduct reconnaissance (within each home network or against a remote target), launch local or remote denial of service attacks, and compromise other devices within the home network or even elsewhere. Beyond these, the attacker can also control the content displayed on the TV, to craft phishing and other social engineering attacks that would be extremely convincing, especially for TV viewers who are educated to (and have no reason not to) trust their screens”
Complete control of an embedded Linux computer means that you can set up root with your own password. Once there you can call mother in GCHQ/NSA etc and download more instructions to do a network scan or anything that can be done by a Trojan. If the network is on the ‘wanted’ list then the target is completely compromised. So much for today’s environment when only Nation States have access to the TV broadcasts, tomorrow is something else as that is the one where the Black Hats can cruise around neighbourhoods taking over networks setting up bots etc.
I’m not really too worried about GCHQ/NSA as they can only afford to go for specific targets and hopefully do not do anything for trivial reasons. Black Hats do it for lulz or criminal intent and are far more of a worry!
In fact if you carefully read the article and do a bit of extrapolation it says that nearly ALL smart TVs are vulnerable as they are based on an ancient release of Linux which is rarely if ever patched to remove all the many Linux vulnerabilities that have emerged in the intervening years. Assuming the broadcast signal is able to set up a root account, then further broadcasts can take over the control of the Linux computer at the heart of the TV. If this is attached to your network it is almost certainly a trusted device and could in theory then mount attacks against more capable PCs. It isn’t just the mumbling and cussing of a typical family TV room but full access to any or all your computerised financial affairs.
In short this could be all the potential headaches of the IoT and ip cameras but without the pain of trying to get through passwords and firewalls.
Luckily I think there is a little time to fix these issues before they impact on more than conspiracy theorists etc.
Thinking further – I guess some of those ‘assets’ are the pensionable part of any employee working for the EU during Britain’s membership. That bit at least should be a fairly straightforward bit of arithmetic as every pension plan has to publish its assumptions in order to calculate the fund’s health.
For the rest I remain ignorant as unless we continue membership of things like scientific research programs we should only pay for those items giving the UK a tangible asset/benefit. I can see the ‘Divorce’ taking a lot of the two years!
It will be in everyone’s interest to then move directly to ‘temporary arrangements’ with associated temporary agreed charges until long term trade agreements can be sorted out. (A further five years minimum imo). I can see my having a lot of schadenfreude watching Davis and co wriggle their way out of that situation!
Interesting, but as a very average gamer I wonder if there is a lot of purpose to running at frame speeds in excess of 60fps. Apparently only trained fighter pilots can see detail at much more than that. link. Would it not be more meaningful to ramp up the graphics quality to the max at 4K and give the resulting frame rate?
or RTFM!
It will also be interesting to see how it performs with the ‘process per core’ model that Windows 10 Developer is supposed to use. My guess would be that it would make such optimizations easier to perform.
It would be fairly simple to implement this for existing businesses.
a) No capital allowances for certain devices. (I do not really like this approach as it is cumbersome and would give accountants a field day).
or
b) Apply a ‘lock’ to a company’s prior year’s proportion of the National Insurance contribution and instead make this an annual charge irrespective of changes in the numbers of people employed. I’m not sure how to handle start-ups – maybe they would get a free ride, but a mechanism would be required to eliminate evasion by shutting down and restarting a company, but maybe compulsory redundancy payments would be enough to dissuade evaders.
Governments would not like this as they are wedded to the idea of ‘productivity’ without doing all the sums for the nation as a whole. A flexible labour force is a great concept, but only if there are enough jobs to go around.
Bill Gates’ proposal was debated in the EU but was unfortunately thrown out. link
I’m not against automation having spent much of my life introducing it, but I do think that the current rate of change is much greater than society’s ability to absorb it. The one area that really worries me is the retail sector. This is already suffering from Internet shopping, and automated check-outs are rapidly eliminating many of the few retail jobs that are left. The rate at which jobs are disappearing is staggering.
I do not know how to phrase this without being intellectually condescending, but statistically there is a large percentage of the population (about 10% of working population) who are not really well suited to do anything else, and I have not read or heard of any Government plans to address the problems that will be caused by 3 million jobs going away.
Most ethnic Chinese and Japanese are very racist, but generally not rude. Their sense of humour is very different, and many Western jests and off-hand remarks are thought extremely rude. East-West cultures ARE very different, and both provide potential minefields for misunderstanding.
I agree they have their faults but I would not put their $50000 fee to own a car for ten years as one of them. You don’t actually need a car in Singapore. Public transport is cheap and quickly gets you nearly anywhere on the Island in comfort. The few areas not covered are covered cheaply and efficiently by taxis (fares are less than here). It isn’t an us versus them on cars, just a way of heavily discouraging ownership on a 30×30 mile island. Even the very rich think twice before getting a car.
Duke, Singapore is pretty close to the sort of society you envisage. Capitalist, but very Socialist in their application of things. So far they have managed the difficult balancing act of simultaneously being the ‘good-guys’ to both the US and communist China. They also have a much lower corruption level than the UK and are amongst the top five in terms of low corruption. (the UK is relatively stinky in that respect). Unfortunately to achieve this, their society is both heavily controlled and paternalistic as hell.
One of the tenets of their society is that everyone works to the best of their abilities, and local companies are ‘forced’ to have a quota of make-work jobs e.g. lift attendant, hedge clipper etc. They appear to have an ambition to buy time for their society to adapt to a highly automated civilization by putting huge emphasis on both education and R&D. They also have a big emphasis on labour intensive service industries with Tourism being number one in this respect. (watch the Giles Coren episode on the Singapore Marina Bay Sands and look out for the mention of the Singapore Government’s role).
Unfortunately we would need a revolution before we could move towards such a meritocratic high-tech society as we have far too much bureaucratic dead-wood in our Government and Civil Service.
I found this research paper interesting. It needs a lot of grunt to train a face recognition AI data set (a top of the line nVidia graphics card running flat out for nearly an hour). However once you have your trained matrix, things get computationally easier. In fact you can run the face detection and face recognition on a Raspberry Pi in under one second. Add on a bit of processing time for voice synthesis and you could probably set up a practical working body cam just using a Pi that would probably do thirty percent of what you would want from your Google Glasses.
Sounds like the sort of tech that could be of real value to the Bobby on the Beat for recognizing crims — oh damn, we got rid of all them plus all the PCSOs. Ah well! That is just typical of our technically ignorant Home Secretaries, and politicians!
