esme

I don't hold out much hope for this but there's a petition you can sign Repeal the new Surveillance laws (Investigatory Powers Act) 118988 signatures so far, every little helps Hopefully 4chan aren't going to fuck with this one, probably another forlorn hope

VPN providers are gearing up their services http://www.bbc.co.uk/news/technology-38068078 - 23 November 2016 The other suggested alternative is Tor

With the attack I outlined in the first post, you don't need to know anything about the dark web, the script can download anything from any available site, including those which are only available by an IP address, you can build in any handshake you like onto the script to get deeper into the site or you could just make repeated accesses to the home page, as the ICR only contains the url of the site & not which page you're accessing. The only protection is to prevent your browser requesting information from these sites in the first place As for a VPN not flagging you up to the security services you need to create a tunnel to a server which is outside the UK's jurisdiction otherwise they know both ends of the tunnel and simply go to the other end with a warrant to see your traffic, and even now all internet traffic that crosses the border is monitored, encrypted traffic is immediately suspicious, they would know your IP & the IP of the site your going to, and their bulk hacking authority lets them launch whatever they like at your machine. Tor is a little more difficult to spot but by adding sufficient relays they could identify a significant portion of the network and again attack each one. In their eyes the guys using VPN's & Tor will be the people trying to avoid the ICR log, and that will make them valid targets If everyone used VPN's & Tor they'd have a much harder job, but only a small percentage of traffic uses them

Worth a try, but if a script is infected that doesn't relate to an advertising site you're still stuffed. Unless you know the site doesn't use external scripts or images and is either served to you from read only media or monitored for changes 24/7 then any site you visit is a game of russian roulette. I can't think of any sites like that. I've been yelling about this since ICR's were first touted as a simple list of sites you visit with no mention of all the sites you don't know about being in there too and now it's law. Soon your ISP will have to implement them, at your expense and then we can no longer trust any site we visit. The only ways I can think of to avoid this are: Use a browser that has add ons and use an add on that prevents any access to sites which don't match the site in the address line, this will break the majority of sites & doesn't address emails with embedded web content. Use Tor or a VPN which might get around the ICR log but will flag you up to the security services who will then probably just launch an automated hack using zero day exploits, to target your machine with the new bulk hacking powers also included in IPBill, you may not get a 4 o'clock knock though providing they don't find anything interesting.

Just in case you hadn't heard the British Government just passed the IPBill So fairly soon your ISP's will be required to log every site you visit in a log of your Internet Connection Records (ICR). Sounds innocuous, just your browser history really, and you've got nothing to worry about as long as you steer clear of the t*rrorist & kiddie p*rn sites, or have you ? Well yes you have. At the moment the bad guys routinely break into advertising & 3rd party scripting sites to plant malware which gets downloaded to PC's, this malware does things like create botnets, encrypt your PC and tell you to call a number to pay to get it unencrypted or just spread a virus which downloads yet more crap, that sort of thing. Your virus scanner and antimalware software is designed to deal with this sort of thing and people are on the lookout for it so thankfully while it's dangerous and a pain in the arse, it's manageable. For example not long ago the BBC were serving infected adverts from 3rd party sites that had been compromised in this way. I'll get to why I mentioned that in a minute. Bear with me if you already know this. When you visit a web page you effectively download a series of instructions for your browser which tell it how to render the page, but these instructions do much more. They pull in images sometimes from 3rd party sites, they pull in scripts also sometimes from 3rd party sites, those scripts can pull in yet more content from yet more sites until eventually it's all on your PC, some of these continue while you're looking at the page and do so without you noticing. This third party content is the stuff the bad guys tend to target when they plant their malware bombs. These site accesses look just as if you'd sat and typed the address into your browser, it cannot be distinguished from the sites you know you visit, your browser is built to do this. Every one of them is now going to be logged in an ICR that you know nothing about and cannot access. So what I hear you say, it's all legal sites, nothing to worry about. Except for the aforementioned bad guys, who now have another target, further it's a target you have no control over or access to, but it's very intimately yours. Lets imagine the bad guys switch from planting malware to planting a small script section inside a commonly used script from one of these 3rd party sites. This script gets downloaded to your PC when you access a web page, say from the BBC. Once on your PC the main script executes as normal and eventually hits the new code, this creates an element on the page with a "display:none;" style, this means no attempt is made to render the element, you can't tell that either the element or it's contents are there without looking at the generated source code for the page. Then the script downloads some content from a t*rrorist or kiddie p*rn site & directs the output into this new hidden element, they can also pull in some content from their servers just so they can log your IP address and time of access so with a bit more work they can try and trace you with varying degrees of success, some people will be traced others not. They don't have to do it this way, they can use a simple Ajax technique to read any available server content & dump it into a JavaScript variable, it never goes near the displayed page, but it still get's logged in your ICR log. You know nothing about this, but your ICR now has references to t*rrorist and kiddie p*rn addresses in it, and the bad guys know your IP address and are using other methods to trace you. Then after a few days the bad guys go back in & remove the evidence from the server, your ICR log still remains. Then depending on how successful they are at tracing you there's an email or a phone call telling you someone planted t*rrorist and kiddie p*rn addresses in your ICR log and for a fee they won't call the police. Some will pay, some won't, some will be found by the police anyway and as the only evidence will be the ICR log by this time and no one can affect that except by visiting sites, the police won't be interested in peoples protestations of ignorance of how those addresses got there, they will tear peoples lives apart looking for more evidence. Or they don't, they just tip off the police with some IP addresses & contact times to create chaos. The authorities may eventually figure out what is happening, but not before a lot of people have had their lives destroyed. Before anyone tells me I'm telling the bad guys how to do their job, advertisers do this sort of thing all the time to preload & postload adverts, it's a well known technique, any javascript web developer can write a script to do this in under 5 minutes, probably with their eyes shut. And as there's no attempt to download malware or exfiltrate data from your PC, no antimalware software will detect this, your browser is just doing what browsers do. You can try disabling scripting, but a lot of sites just don't work if you do, plus there's nothing to stop the bad guys going after the main page and simply adding some HTML to do the same thing without a script, add a hidden iframe or an img with a source on some dodgy site, it's easier to compromise a script but you don't have to. The British Government just destroyed the internet at the stroke of a pen.

Windows event logs You may or may not know but windows has an event logging system, on Win7 you can find the event viewer through Control panel > Administrative Tools > Event Viewer Now originally, windows had 4 logs named something like Application, Security, Setup & System and this was fine it's perfectly adequate for a technical person to find problems with your system. However around about Win7 Microsoft decided to expand this system dramatically and introduce a category called "Applications and Services Logs" In the event viewer, open "Applications and Services Logs", you may see a few actual logs but you'll also see a folder called Microsoft, open that and you'll see a folder called Windows, open that & you get a list of about 50 different folders all of which contain different log files, some contain a single log, some contain several Nearly all of these log files are active, quite a few have something in them and take up space on your system and I have never needed anything in them nor do I know anyone who has, the original set of 4 log files still being perfectly adequate So if you have the patience open each of these folders, right click the log, select properties, clear the log without saving it & then disable logging, you'll free up a fair bit of space & reduce the amount of time your system spends writing to the disk Alternatively if you know a way of wiping and disabling all of them in one pass I'd be forever in your debt

How to kill Cortana without uninstalling it Because I've heard reports that M$ will reinstall it if you do uninstall it, they really want it on your system. NB this probably won't last forever & I believe it stops you searching for applications on your PC, it doesn't remove Cortana but it stops it being loaded & run This is from memory, I found the instructions on the net somewhere, can't remember where. 1 - Locate the folder Cortana is run from, this should be something like C:\Windows\SystemApps & the folder is called something like Cortana_<randomstring>, the name may be different on each system but it will always start with Cortana_ 2 - Rename this folder, say with a .BAK extension so you can put it back later if something you need breaks, this will fail as the process is running but you'll get a popup asking you if you want to retry. 3 - Leave the rename popup open, start the task manager, find the Cortana process & kill it, Cortana will respawn, but it takes a few seconds, so quickly switch back to the rename window and click yes, as Cortana isn't open yet the folder should rename, once it's renamed Cortana won't restart because the system can't find it. You may need to take ownership of the Cortana folder to be allowed to rename it, don't think I had to. This worked on a windows tablet that decided to load Cortana every time after an update from M$, the tablet still works ok Cortana hasn't reappeared.

It's a continuous loop of tape, essentially a very long delay, if it went on to a spool then at some point the spool would fill & need rewinding, having a loop of tape means you can operate continuously without worrying about that. The signal from the guitar gets recorded on to the tape, playback heads read back the signal, attenuate it, mix it back with the current signal & re record it to the tape. This mixed signal is also fed to the output so you get an incredible layered, stretched guitar sound which sounds like multiple guitars playing in perfect synch. You should be able to vary the speed of the tape or vary the attenuation to change the effect, you should be able to produce an effect like the one Brian May uses when he plays a sequence, a machine plays it back to him & he syncs with it, "Keep Yourself Alive" is a good example. The tape bunches up like that because it's got to go somewhere, and it's this or have a machine several feet long which isn't very convenient, it could be threaded through reels which would add to the expense & increase the risk of breaking through wear or if you alter the tape speed, or the tape could be shorter but not by a lot as this would affect the maximum speed of the tape. The tape will eventually wear out & break, but it's relatively easy to replace providing you can find a source of magnetic tape & a splicing kit to make a continuous loop of it. In very early computer systems when RAM was a scarce and expensive resource & disk drives were the size of washing machines & had kilobyte capacities, a similar system was used on reel to reel tape drives. The reels were big and heavy so they were slow to react when you wanted to read or write information quickly, they had a long latency and if you tried to move them rapidly & change direction, the motors wore out really fast, these things were very expensive, and the tape would also snap during rapid reversals, a lot. So the tape would be fed into two boxes either side of the read write heads before being fed to the reels. The reels would then be used for bulk positioning of the tape and several feet of tape would fed into the boxes and be allowed to concertina up, the read write heads had small fast drive motors either side which could then rapidly feed the tape back & forth between the boxes without having to move the reels. And because the RW head motors were only moving a small amount of tape rather than a big reel weighing a couple of pounds they didn't wear out as quickly This image has that sort of system, the two columns are acting as a tape store so you don't have to move the reels, plus it soaks up any rapid direction changes without snapping the tape. The box on the space echo machine where the tape is concertina'd up neatly is a variation on that to store the tape

Just an idle thought regarding telemetry and updates. If you successfully block these, Win10 then throws a hissy fit & eventually stops working. How about setting up a "man in the middle" machine, initially it simply intercepts and then passes on whatever M$ are sending up and down the wire, but because it's under your control you can intercept & look at the data. Now OK a lot is going to be encrypted, there's no reason why update requests should be, but even if they are you may still be able to fake a "no updates today" response from your man in the middle machine, also it may be that you can spot patterns in the telemetry handshake and fake that too without sending data to M$. Lot of work, but it might allow you to schedule your updates & control telemetry while still using Win10. Easier to just install L*nux though.

they started with the roll up patches last month

I assume you mean me ? here's one http://www.infoworld.com/article/2911609/operating-systems/kb-2952664-compatibility-update-for-win7-triggers-unexpected-daily-telemetry-run-may-be-snooping.html but you probably already know about it However Microslurp now release all their updates in a single homogeneous monthly windows update rollup so you can no longer pick and choose what you want or avoid installing telemetry.

@woah You probably know this but watch out for windows 7 updates, they've rolled the telemetry updates from win10 into them so I expect win7 to start phoning home as often as win10 soon and eventually refusing to allow you on your local network if you deny access to the slurp servers

This is the problem, we're going to wait and see if Trump can be controlled or moderated, if he's going to see reason, we're going to give him the benefit of doubt. I can tell you right here and now, that's a mistake. Just looking at the people he's choosing for his cabinet will tell you that's a mistake. He's in charge and he knows it, the Republicans have the presidency, the senate and unless Obama does something drastic very soon they will also have the Supreme Court. Trump will do what he wants, when he wants as often as he wants, no one will stop him and he will roll over any one or any group who tries to get in his way, he is not a nice person, he is not doing this for the good of America, he's doing this for his own ego. America will suffer because of this, and that's a problem because when America sneezes the world catches a cold. He'll probably spend his first year dismantling every achievement of the Obama administration starting with the affordable care act, then he'll start satisfying his grudges & go after everyone who ever slighted him most likely starting with Clinton, which redneck americans will absolutely love, it will be prime time tv, then he'll start looking at acquisitions, "the middle east is full of bad people, really bad, the worst, you know, they could give us their resources but no, they're awful, lets do something about that" and redneck america will cheer as the troops are deployed. As for voting someone else in in 2020, assuming we get to 2020, by then there will be so many disenfranchised voters, mainly among those who don't have white skins that he'll get another term by a landslide. So if people don't want this, there aren't many options left and waiting to see what happens & trying to deal with it after the fact is not going to work.

Why am I scared? Well one reason is a narcissistic, egotistical, grudge bearing, man baby, with poor decision making skills and a history of making other people pay for his fuck ups has just been given the keys to one of the biggest nuclear arsenals on the planet and he's shown no reluctance about using them either to intimidate or if that fails in reality, when questioned prior to the election. Correct me if I'm wrong but as I understand it, if the US is involved in a conflict, and when are they ever not, and someone attacks America, the President can order a nuclear strike as retaliation without recourse to congress, the system is set up so that the Secretary of Defense has to verify the order came from the actual president, but beyond that they cannot stop it or veto it. If the SOD refuses to verify the order their next in command will do so & so on until someone says eventually "yes the president authorised a launch", this is the two man system. The details of what constitutes attacking America are a little fuzzy on my reading, but in a conflict pretty much anything is an attack, once the first missile is launched others will follow, even though the cold war ended years ago we still have the capability and operate under the assumption of MAD. If he only launches one that would be enough to trigger responses from other countries. So YAY the nuclear war bargaining chip has just been put firmly back on the table, please advance the clock, it's currently at 3 minutes and it hasn't been updated for a while I suspect it may be soon. If he wants something, and Trump wants a lot, he is not above using lies, threats and force to get them, his election campaign proved that, he's not a diplomat, he's a two year old in a man's body and he's just been made the most powerful person on the planet. And then of course there's the world economy, Trump has a long history of running up huge debts, declaring bankruptcy and walking away from them leaving others to pick up the tab, or he orders work to be done supplies to be delivered & used then he doesn't pay, What influence will that have on the US economy and why will other countries want to trade with a country who has a man who doesn't pay his debts in charge? so we'll all suffer because of that. Of course our Brexit team think this is wonderful news and are gaily skipping across the pond to try and open trade negotiations with a man who's first, last and only thought is "What's in it for me", I suspect they will achieve a trade deal and we'll all pay for it because while it will be the best they can get it will be pretty fucking awful for us. And then we have the rise of the right wing, Brexit was bad enough when every racist, xenophobic, homophobic, misogynistic, ableist arsehole in the UK suddenly felt like their time had come and they could go out and kick some heads in with impunity. Well making Trump President will have the same effect in the US and give the UK arseholes a shot in the arm they really don't fucking need. All their dreams have come true and anyone with a brown skin, foreign sounding name or accent, looks a bit funny, happens to love someone of the same sex, is female or has a disability is fair game. Not to mention the right wingers on the continent, Marine Le Pen wants to be president of France and the rising tide of the right just might give it to her, in which case I have no idea what our future will hold but it won't be pleasant. And then we have climate change, Trump is appointing a climate change sceptic to lead the EPA and regards climate change as a work of fiction designed to deprive rich people of a means of making more money. The scientific community think by the time Trump leaves office the effects will be irreversible and catastrophic. I suppose he can build a wall around the US to keep the water at bay though he'll have a tough time making the fish pay for it. So call it fear mongering if you like, but I'm fucking scared and until he ceases to be president I'm going to remain scared. Anyone who wants to nitpick & find flaw with these arguments, you knock yourself out, enjoy, it won't change my views at all, the world is turning into a place I don't want to live in and President Trump is a giant fucking leap down the path.

I lived through the Reagan presidency & both the Bush presidencies, I was a child during the Cuban missile crisis, I witnessed the second plane hit the world trade centre on 9/11 via TV & I saw America's reaction, I've seen my share of scary terrorist shit within the borders of my own country, even been quite close to some of it. But I never actually feared for my life and the lives of everyone I love before today. And I am utterly helpless to do anything about it. I'm more scared of our ally with Trump at the helm than I am of our enemies.

Ah, bugger, scratch that idea then

I wouldn't worry too much about working out where a brick is thrown from. Having been hit by a flying brick I can tell you it's a case of "by the time you see it, it's hit you" and I couldn't tell you where it came from. If I'd have seen it I'd have ducked, maybe that could be implemented ? a ducking/flinch response for flying projectiles that are seen. A near miss on the other hand, providing the AI happens to be looking in the right direction or sees enough of the trajectory then it could work out a rough area where it might have come from but it needn't be incredibly accurate, give the projectile information that says "I came from that 50 sq metre area over there" & have it disappear or reset to a new area when it hits the ground so the ground needs to inform the projectile of the new area. It's a lot of work for little reward imo, the AI in TDM are the best I've seen

STiFU : Bugger! didn't see that, sorry conker : Ta, corrected

3rd person stealth game "Aragami" announced Will be available for PC, Mac & Linux bit too bloodthirsty & 3rd person for me but it might be of interest to others https://youtu.be/sO5H_UaToTI

Yup that's pretty much why I don't like modern games

Zombie minefield

@biker : I already block sites via hosts but I believe WIn10 can bypass the hosts file & use numeric IP addresses if it discovers it's not getting through, so there's nothing I can do that will block numeric IP's on my router ? @anderson : I have an old android 2.3.4 phone & I have no problem with it, there is nothing on that phone beyond my partners number that O consider to be remotely sensitive, before that I had a windows phone & had no problem with that beyond it getting so old I couldn't source a battery neither android nor windows phones are the latest version of the OS, so I'm probably not the best person to ask about phone/pc comparisons. I'm not a fan of smartphones in general, they are too oriented towards getting personal data into the hands of other people What I want is a computer that makes phone calls but nobody makes one

Looks like I'm going to end up with a Win10 tablet, I'll probably end up wiping it and putting some flavour of L*nux on it but until then is it possible to block the telemetry data slurp in my router ? I can block access to url's based on keywords but I believe telemetry uses embedded IP addresses & I can't see a way of blocking those unless I can do something with static routes, anyone got any tips for this ? If it helps my router is a Netgear WNR1000v3 with firmware V1.0.2.68_60.0.93

ooooOOoo prog, I do like a bit of twiddley now and then, I shall have a listen, thank you Very nice, relaxing, I enjoyed that, thank you

Or use a thick wall and two gates so you can't actually reach the body