The TR Podcast 170.5: The Heimlich maneuver

Last night’s stream with Paul Heimlich was lots of fun. Thanks again to everybody who joined us live and participated via the chat.

We talked about a bunch of things, including Lenovo’s Superfish debacle, the future of Internet service, and our growing trust issues with tech companies. We also went deep on the future of G-Sync versus FreeSync, and Paul and I named the technologies we’d most like to see advanced in the coming years.

Here’s the YouTube version, so those of you who missed the live stream can see it at your leisure. Thanks again to Paul for joining us!

If you’d like to be notified when we’re recording, follow us on Twitch or simply follow me on Twitter. You can also subscribe to our YouTube channel to receive notices when we post videos there.

Comments closed
    • odizzido
    • 5 years ago

    Laptops….man. I wish that some good ones would come out.

    edit————

    Actually I recommended an apple laptop to someone recently because I couldn’t find a single windows one that I liked.

    • the
    • 5 years ago

    Ugh, I was off traveling for work and missed this. Anyway, comments ahoy.

    For reference of AT&T performing deep packet inspection on your internet connection for ads:
    [url<]http://www.dslreports.com/shownews/ATT-Offers-70-1-Gbps-in-Austin-With-a-Big-Catch-126969[/url<] And shortly after this podcast episode, AT&T announced that they're going to price match Google Fiber in the KC area: [url<]http://www.theverge.com/2015/2/17/8050935/att-google-fiber-kansas-city-gigapower-internet-price-match[/url<] Though I'll [i<]never ever[/i<] get AT&T services considering that they did my parents. When they got a cell phone service through them any years ago, they were immediately sent to collections. The notification to the collection agency had to have happened with in 24 hours of them signing the contract with AT&T: they hadn't even had the opportunity to have their first bill even posted. That's also ignoring AT&T's promise to roll out DSL in my parents area for a decade without follow through (yes, AT&T only offers dial up for them and there is no other alternatives without rolling out new infrastructure). AT&T should be nuked from orbit. As far as Google Fiber goes and them watching, you can always utilize a VPN connection. There certainly is enough bandwidth to support this, just take a small latency hit. With regards to higher resolution displays, I can tell the difference between upscaled DVD, Netflix 720p and Blu-ray 1080p but not due to their pixel count. Rather they all use different codecs for the movies. DVD's have horrible, horrible black levels. Netflix has lower bit rate than Blu-ray and in motion it stands out. The color gamut on many IPS displays can exceed 24 bit. DisplayPort has been capable of going beyond 24 bit for a while now. However, to use it, you'll currently need a Fire Pro or Quadro as 30 bit color is seen as a professional feature right now. AMD and nVidia need some pressure applied to them to make this a mainstream feature in their consumer drivers. The laptop system with G-Sync likely utilizes panel-self refresh as it requires a bit of embedded memory to store the frame buffer. nVidia's current desktop implementation adds this frame buffer as part of the G-Sync module. The idea of multiple refresh zone is something I attempted to asked in a previous podcast but it got butchered in translation. An easy first step for multiple refresh regions is tie it into an Eyefinity/Surround setup: each monitor doesn't have to update simultaneously. It also makes it easy to implement split frame rendering for SLI/Crossfire as the regions are well defined.

    • decoy11
    • 5 years ago

    I know it takes a bit of work on these livestream shows but is it possible for you to put timestamps for each topic on the youtube video after it is done?

    • Goofus Maximus
    • 5 years ago

    We are, and have always been, completely insecure in the internet, and the BBS net we had before then. We just didn’t realize it. Be as paranoid as you want, and you will still be completely insecure. Running Linux or whatever isn’t going to secure you.

    Basically, just don’t do anything that you don’t want anyone seeing you doing on a computer/phone/device/thingy. Your “50 Shades of Olive Oyl” Popeye bondage porn habit WILL be out there for everyone to see, just like Olive, tied up naked and left in the public park by Brutus…. I know… TMI…

    “I’m strong to the finish, ’cause I beats me spinach!”

      • timon37
      • 5 years ago

      That’s a very dangerous stance.
      Yes if the NSA really wants to hack/track you there’s little you can effectively do, (though they didn’t realize what Snowden was up to).
      But that doesn’t mean you should just accept them as overlords and do nothing.

      First of all, if you do nothing they get everything for free, without having to target you, without having to ask anyone. The more you do the harder it gets, and most importantly at some point they have to actively start targeting you. Which first of all requires someone to “decide to track you” which in court will beg the question “based on what was the decision made, and who approved of it”. Additionally sometimes you can notice e.g. keys and checksums not matching.

      But most importantly if you do nothing you’re hurting other people. As Eben Moglen said (paraphrasing) “this is an ecological disaster”. There’s two main ways this works:
      – Directly when you e.g. post about other people on facebook or tag them in pictures, you’re basically telling everyone “look the person you’re looking for was there and knows the other people in that picture”.
      – Indirectly by simply making everyone else who cares about privacy a suspect. For example if you do just regular web-browsing through tor you’re providing “cover” for the people who actually need the anonymity.

        • Goofus Maximus
        • 5 years ago

        I don’t know as what I said could be considered a “stance,” since it’s more a consideration that when I put my security in the hands of those develop security measures, I have to put trust in those individuals to actually have my interests at heart, and I don’t know that they do. And I have to have faith in their competence, which is occasionally overstated or overestimated.

        I wouldn’t accept them as overlords… if I knew who these overlords actually were. My thought is that those overlords “middle management” are more than likely the very folks I look to for protection from said overlords. For instance, the folks who understand cryptography and the programming thereof, are likely a very small pool of talent, so folks who review the open source code for problems in cryptography, and have the knowledge to understand the problems that may be there, are also small, and may have “conflicts of interest” in pointing out certain flaws. So, while Open Source software may be better than proprietary software for security, it’s still not something I will trustingly accept.

        Therefore, I will continue to believe that everything I do online WILL be unsecure, whether it is or not. As for the “doing nothing” comment, I think that sometimes doing nothing, while emotionally unsatisfying, may be “less worse” than doing something without a clear understanding of the details of the problem. The Arab Spring is a good example of how just “doing something to overthrow one’s overlords” without a clear understanding of all the forces involved, can go very wrong very fast. The Arab Spring has turned into a “Middle Eastern Nuclear Winter” of sorts, which left Egypt right back where it started from, while Syria fell apart, Libya is falling apart, and chaotic hodgepodges of shifting alliances take advantage of the chaos. The Law of Unintended Consequences will always bite the hand of those who act without understanding the problems involved.

        Edit: If my original tongue-in-cheek post garnered downvoting, I can only imagine that this one will fall into the downvoting depths of the thumbs-down abyss! 🙂 I can’t help it! I’m a die-hard pessimist. At least I’m (very) occasionally pleasantly surprised, this way. You poor optimists are doomed to a life of frequent disappointment! :whistles:

          • timon37
          • 5 years ago

          A bit of a misunderstanding on my part I guess, I just read it as “there’s no point to security measures since they can get to stuff either way” which a horribly misguided statement. In general assuming that everything you do isn’t truly secure is quite reasonable.

          Good point about trust, since fundamentally it’s always there, to a greater or lesser degree depending on circumstances but it’s always there, and usually a lot of it.

          I do agree that doing something without any idea of what you’re doing will probably just result in downloading malware, backdoors and make you feel secure when you aren’t which is the worst state.
          But that wasn’t what I meant by something, it mostly just starts with accepting the issue and paying attention to it, being more cautious, reading about how stuff works and slowly implementing some of the suggestions, e.g. encrypting/signing email between you and your family/friends. To be fully honest I’m mostly still at the first steps, so I am being a bit of a hipocrite in terms of how much I’ve done myself;p

          The point is simply that it’s absolutely not a “lost cause” and there’s a lot that we can do. If we do completely nothing it will get much much worse, to the point that you automatically become a suspect if you try to have any privacy at all.

            • Goofus Maximus
            • 5 years ago

            I can totally agree with that.

    • derFunkenstein
    • 5 years ago

    Turns out, unsurprisingly, that Superfish is most likely about much more than putting ads on your PC. The company’s founder is a former Israeli security agent, and the company has big government contracts with both American and Israel military. It’s also likely on a lot more than just Lenovo machines – Lenovo just did them a favor. This makes me think Lenovo was doing this in cooperation with either Chinese or other intelligence, and it was a known backdoor for an agency.

    [url<]http://www.forbes.com/sites/thomasbrewster/2015/02/19/superfish-history-of-malware-and-surveillance/[/url<] But they're apparently still susceptible to DDoS attacks: [url<]http://www.forbes.com/sites/thomasbrewster/2015/02/20/komodia-lenovo-superfish-ddos/[/url<]

Pin It on Pinterest

Share This