Original URL: http://www.theregister.co.uk/2008/04/06/comments/

Ubuntu unpwned as CERN prepares to destroy Earth

And mobe explodes teacher

By Robin Lettice

Posted in Letters, 6th April 2008 08:02 GMT

Comments Distressingly-named Los Angeles law firm Kabateck Brown Kellner is suing Apple for "deceptively" marketing the new 20-inch iMac. This provoked a spray of Apple spittle from readers, and a bit of a tussle:

Apple is a corporation. The entire goal of any large corporation is to rape customers just enough to make the most money possible. A little bit of marketing and smooth plastic shouldn't be enough to confuse people about that.

Nearly every Apple release is accompanied by lies and half-truths.

"We switched to Intel because they're 4 times as fast" really meant "We make 4 times as much profit selling you cheap Intel chips, and you're all too ignorant to notice that the first few generations of our kit will be slower than the last PPC hardware by a huge factor."

I could go on, but it's pub o'clock.

Nexox Enigma


I have been an apple user for my entire working life on computers and every year they get more shoddy than the last.

It is now becoming damn near impossible to say that Apple machines are rock solid, perfectly engineered machines that do what you want when you want it.

It's unfortunate that they seem to think that people will put up with badly designed products just because they are branded with an apple logo.

I for one am going to investigate building my own machine next time I'm ready to upgrade and make sure that all components are 'Rock Solid' from the beginning.

Signed

A very unhappy 2007 iMac 20" user....

Anonymous Coward


If you really need or want a Mac then buy a Mac Mini and stick a monitor of *your* choice on it, not the rubbish that Apple want to peddle. The same thing goes for buying PCs, don't get the 'free' monitor that Dell et al. bundle with the machine.

Anonymous Coward


Damn right people are complaining. For 800 quid it's entirely reasonable to expect a full colour monitor - especially as it can't be changed, and because it is what Apple reinforces its machines are supposedly good at.

Also, given Apple's target market ('it just works') they shouldn't be trying this sort of crap.

As to respondents here having crappy monitors - well, the TFT at work is probably crap, but then again it's not used for image editing. The CRT at work, the CRTs at home and the TFT at home render colour properly (yes, I checked before I bought).

Peter Kay


It turns out that BT secretly profiled the web browsing of 18,000 users without their consent in 2006 using ad tech provided by Phorm, which was then known as 121Media. Phorm itself has emphasised a commitment to privacy. When we stopped laughing, we questioned Phorm on this, and the company responded by calling us unethical. Us? Unethical? That's like saying we have no integrity.

Firstly, given your reportage to date, I accept this is not an April Fool story ;)

The important point here is that BT deliberately sought to hide what it was doing. It cynically deceived its customers and was knowingly sailing close the wind in legal terms.

BT cannot be trusted to tell the truth. The company has lied about this issue consistently; why should we accept anything BT says now as true?

Furthermore, BT has shown no signs whatsoever of backing away from Phorm nor from the concept of traffic interception for commercial gain. At least both Carphone Whorehouse and Virgin seem to be re-evaluating their commitment to Phorm.

As to Kent (with a 'u') Ertugrul and his PR people's spin:

"We think it is unethical of the Register to seek to undermine a technology..."

Bloody gall! Pots and kettles. How *dare* they accuse anyone of being 'unethical'

"... that enhances online privacy..."

Bollocks! In fact, it does exactly the opposite as K(u)nt well knows.

"....Phorm's system ensures that ads are served with no data storage ..."

Storage is irrelevent, a red herring. You bastards are intending to intercept my packets and spy on me.

"... something that will benefit readers of the Register and other websites."

No it won't. Not in the slightest. Not in any way imaginable.

This whole sorry saga needs and deserves the widest possible media coverage. El Reg has done a sterling job so far but, sadly, ninety-five per cent of DSL-using Joe Public is technically illiterate and doesn't read The Register. A lot more coverage such as The Guardian's and the BBC's is needed to generate the deluge of complaint that BT so richly deserves; and wallet-voting by switching ISP is the best way to reinforce the point.

Phuck off, Phorm. Do not want.

Sceptical Bastard


The deeper we get into this the worse it gets. Even I never saw this coming and until the end of the second page I was beginning to believe it might be a very clever April Fool but now I am left staggering.

I submitted a petition on the PM website on Friday evening to call for the PM to demand the Home Office initiate criminal proceedings against BT for the 2007 Trials which they recently admitted to and was shocked yesterday to find out it had been rejected for unfathomable reasons.

You can see the petition text and the email I got from the PM web team on the following link:

http://www.cableforum.co.uk/board/34518506-post1951.html

I am also currently investigating the possibility of filing for a High Court injunction to prevent Phorm technology being deployed in the UK with any of the 3 ISPs under RIPA; anyone who has any feedback they wish to give on that please contact me.

And in closing, Wow.

Alexander Hanff

PS.. You need a Gobsmacked icon ElReg

Alexander Hanff

After three days of determined hacking and pwning, during which time the Mac and then the Windows machine toppled, only the box running Ubuntu remained standing. The Pwn2Own contest at CanSecWest pitted the three machines against hackers, with the prizes being the computers themselves. Cue smug Linux users and apologists of the other two camps. And the odd impartial commenter, of course:

The only machine truly secure from remote exploits is the one not connected to the Internet and locked in a vault.

Additionally, the user is as important a part of the machine's security as the OS is, if not more. All the security in the world won't protect a user from their own actions.

Dive Fox


Weather it's flash or nvidia drivers; proprietary code is a security problem. It's all right when it works but I'd feel safer if all those who put these little black boxes in the linux platform would open source them or be replaced with things like gnash (when it's finished) and the nvidia nouvou driver.

Otherwise there will always be something you'll never be sure of security wise.

Martin Owens


Be nice to knowhow many hours were spent on creating each hack.

That would give some indication of a) the difficulty of finding the explot and b) any hacker bias for/against an OS as I doubt equal time was spent on the Linux hack as it's much more sexy to hit the big guys

toxic monkey


Although this competition does have some interesting and useful points - and a largely unnoticed one is that "new and shiny" doesn't always equate to "safe and sound" (pricey new hardware and OS often are "protected" for a while by their scarcity on the ground) - it pretty much sews up what most IT professionals have known for years: a "home" platform, regardless of its merits, will fall to a determined hack when it is attacked. This is why major ISPs are removing as much damaging capability on their consumer networks as quickly as possible. Reduce the attack surface from the little farmers with their pitchforks and torches, and everyone can sleep tonight.

Hence the topic: what about a serious server pwn2own contest? Get three major server vendors - like IBM, HP, Sun, etc. - to provide a nice mid-class server platform configured for a "typical" firewall task. A web server, mail server, ecommerce server, etc. Three different OS and hardware platforms (Power/AIX, Intel/Windows, SPARC/Solaris), also patched and configured by the vendors to spec. Then let the games begin: whoever can get the target server to spew unauthorized scripting (should be a suitably innocuous script provided as the test piece by the event organizers) wins. Get the vendors to kick into the kitty for a prize (most competitors won't REALLY want a blade server and disk farm to take home, will they?) and see what come out of this.

I think this would be an important twist in that we'd see what the world would look like if it were reduced to a Utility Computing cloud, with end-users effectively defanged and all work housed inside the Fortress Data Center. I'm sure the result would show the World is not safer in the castle than it is in its huts today. But the lesson needs to go on record just the same.

Mine's the delivery order with 2 pizzas and a twelver of stout, wrapped in the thermal blanket...

Brett Brennan


In a damning indictment of safety of wireless technology, a recent controversial experiment saw a teachers head actually explode when exposed to a deadly cocktail of Wi-Fi transmissions, mobile phone radiation and emissions from a nearby TETRA mast. Okay, not really. But we had some of you going. Admit it.

Ive just taken a sledge hammer to my wireless router. I'm now in a Wi-Fi Cold-spot.

AJ-NI


It's all down to focussed microwave radiation.

The phones were acting as an antenna that drew in and focussed the radiation from the school's industrial strength microwave oven (anyone having tried microwave popcorn in one will know that the bag catches fire in a minute or two).

The nature of the phone signals mean that the microwave radiation is reverse-phased which defeats the normal shielding.

The focussed radiation then rapidly boils the fluids in the brain resulting in the usual 'egg in a microwave' situation.

Elmer Phud


" .. In the interests of good taste the Reg has refrained from linking to the vid. .. "

You blew it! I was totally suckered in until you gave the game away with that completely ridiculous suggestion!

Anonymous Coward


Many years ago, The Guardian published a story about a new automated bus control system for London. All buses were to be driverless, and controlled remotely by operators who would view the traffic through a CCTV mounted in the driver's cab, connected in real time to a video screen in the control centre. One operator in the centre would be able to control up to five buses simultaneously, tests had shown.

I was so taken in, I nearly posted it to risks@csl.sri.com

A few years later, a net-friend who was an aviation specialist published a story that the flight crew on an Airbus A320 had experienced an outage of the flight control system on approach to landing. When they tried to restart the system, it gave a message saying "PIN not recognised". Apparently, this was due to Airbus using second-hand ATM chips to build their on-board systems.

The "incident" turned up a few months later in the final year undergraduate dissertation of one of my software engineering students, quoted without irony as an example of the risks from computer systems.

A few years after that, I broadcast my own story that Airbus had subcontracted the maintenance of the flight control software on the A320 to a third-party support firm. I had just just returned from a meeting in Copenhagen, and said I had seen the story in the Danish magazine "Godaj" ("Hello" in Danish). I said that the head of the third-party support firm was Wolf Larssen (the villain of "The Sea Wolf" by Jack London) and quoted him as saying that he was not worried that the original developers of the flight control system would not give him the source code, since his employees could download the binary and de-compile it.

At least three experts in safety-critical avionics were totally taken in and expressed their concern to the discussion group on which I had broadcast the story. I was still receiving concerned enquiries 5 years later from people who had read it in the archives, and hadn't noticed the date on it.

Moral: Make the spoofs believable, but perhaps not *too* believable! :-)

Peter Mellor

Soundcard maker Creative Labs threatened a developer with legal action after he wrote drivers enabling the company's older products to run smoothly on Vista. Daniel Kawakami's drivers were initially removed by Creative from its site, but the company later backed down and reinstated his posts. Like Kawakami, you were incensed at Creative's tactics:

Funnily enough, I am currently reading a book called "The Undercover Economist" that explains that behaviour by companies. It goes something like this: intentionally cripple your cheaper/older products so that people have a reason to buy the more expensive ones, in this case by providing sub-standard drivers for Vista. The problem when you do this through software is that a bright hacker can ruin your plans by writing good drivers. In this case, a company has two choices: 1. say thank you, distribute the better products and go to plan B to milk cash from customers another way; 2. threaten the hacker with a lawsuit to safeguard plan A, which looks like what Creative is doing here. The problem with the second solution is that there is a risk it will backfire as a PR disaster that can lose you customers and cost you more than going to plan B would have done.

This looks like an own goal to me: Customers 1 - 0 Creative

Bruno Girin


If only there was some organisation devoted to the new frontier of electronic freeedom, or someone advocating free software and backing up their beliefs with legal muscle... Nah, it'll never happen: none of these cases will ever go to court. Nobody serious about computing would do anything like that.

Still, it's a shame, because seeing that one go to court would make fools of Creative Labs. The document discovery required in such a case might also reveal that Creative are forced to act this way in order to retain their Microsoft certification: their board live under the threat that every single Creative Labs device will one day be 'decertified' and prevented from running protected media under Windows.

I wonder how that would play in the press... If there still is a free press: much of the mass news media is owned by people who have an important financial interest in the in the next-case-but-one, where we establish a legal precedent that states whether the Digital Millennium Copyright Act is a license to ignore the antitrust laws. Do Microsoft, or the content owners who now seem to be Bill's paymaster, have the legal right to selectively 'freeze out' hardware manufacturers who don't toe the line?

It occurs to me that Creative Labs might actually gain more than they lose from taking this case to court. Unless, of course, their legal team are as badly-managed as their developers: given the clumsy way that they have behaved so far, this seems all too likely.

And what do Creative Labs have to lose? We already know they're fools and their hardware drivers don't work particularly well anyway.

Of course, a court case might also permanently blacklist and burn our promising young programmer's career - at least, in the world of large corporations in partnership agreements with Microsoft. But there are worse things than starting out in a department which ships bad code, learning to accept working that way, ending up managing the process and forcing it on a new generation of recruits, and eventually directing legal operations against the the sort of promising young programmer that you used to be.

Nile Heffernan


The enraged thread on creative's forum numbered 160 pages this morning and clocked over 170,000 page views! And that was just over the weekend, before it was picked up by the news sites.

Calling this a PR disaster is puttting it mildly, but to those of us who have suffered at the hands of Creative's senseless disregards for its customers, it's nothing new...

I personally returned the last creative product I bought when the vista drivers proved flaky since last time I checked I was not getting paid to be their beta tester...

Dimitri


Wacky Hawaiian botanist Walter L Wagner has filed a lawsuit attempting to prevent CERN's Large Hadron Collider destroying the universe as we know it. Wagner argues that there is an appreciable risk that cavalier boffins might accidentally create a black hole that would engulf us all, or possibly create "negatively-charged strangelets", which would turn everything on the planet into strangelets as well. Neither possibility is an inviting thought.

This guy's a genius. He managed to be both the plaintiff and the defendant and no-one noticed until the garden received the bill.

He may be a loon, but he's a loon with some serious balls!

Steve


Like a parallel universe wouldn't be an improvement? Perhaps we might wake up in a universe without any Republicans? Hell, we might even wake up in a universe without an IT angle...

My weekend is sounding better already!

Anonymous Coward


Steve, I don't know about balls, but there's certainly some serious bollocks in there.

TeeCee


Surely a more Wagnarian scenarios would be that the strangelet-custard conversion and monopole transmutation threats causes the manifestation of large breasted women on flying horses who drag us through the black hole into a giant hall where we spend the rest of eternity feasting!

Bring it on!

Anonymous Coward

Well, we're saddled up and prepared for the inevitable. Wait, where's my axe? ®