* Posts by Ian 62

228 publicly visible posts • joined 17 Jul 2009


Helpdesk? I have a software problem. And a GRIZZLY BEAR problem

Ian 62

I had a medical emergency

Whilst on a call to a North Sea oil platform to fix a fax (yes fax) machine problem, the medic was very polite and apologized that he had to go, oh yes? Someone's having a heart attack, to the noise of a 'code-blue' style tannoy announcement in the background.

$30 webcam spun into persistent network backdoor

Ian 62

Second hand kit

I suppose it's a gentle reminder that something as basic as this can be reflashed and stuck on eBay.

The attacker might not always get the device into a juicy target, but what's the risk/cost? Buy it second hand, flash, resell for much the same price. Get a few dozen out there and see where they land.

Whilst you'd hope that commercial enterprises would buy new, if you're looking for a like-for-like replacement to make life easy for yourself, if it's an EOL product eBay might be your only choice.

And the reasons for buying new IT gear are as follows ...

Ian 62

but you want gone because of vague concerns

I'd be disappointed as a customer to find out you were spending my hard earned money on something vague.

We're not here to spend their money. For one: if you spend more of their money on kit, that's less they've got to spend on your day rate. Secondly: if they get a second opinion that says a piece of kit is 'old but ok' they may turn round and start questioning why you really want to spend their money.

As an industry we get a bad enough rep with built in obsolescence, or just wanting to buy shiny things for our own benefit. Best to tread carefully.

TalkTalk plays 'no legal obligation' card on encryption – fails to think of the children (read: its customers)

Ian 62
Alert

Smut list?

Oh! Oh! As you mentioned it....

Could the Reg go and inquire of TalkTalk:

Did the hackers get the list of users who ticked the box saying 'Enable Porn Please' ?

Those in sensitive occupations, with children, MPs, Policemen, Teachers, Doctors, Nurses, etc need to know if they're about to be blackmailed.

Top VW exec blames car pollution cheatware scandal on 'a couple of software engineers'

Ian 62

Re: Not me guv.

The wifi slurp when street car was doing the rounds. They hoovered up data 'by mistake', a rogue engineer was blamed.

Tesla X unfolds its Falcon wings, stumbles belatedly into the light

Ian 62

I can't plug one in anyway...Unless I want to decapitate the people walking down the footpath in front of my house.

Russian Tor network-wrecking effort takes bizarre turn

Ian 62

<tinfoil>

Or...

It's been cracked (either by them or someone else), but they've just realised, now that it's cracked they're quite happy for crims to keep using it.

If they award for successfully completing the contract then everyone knows it's cracked.

If they make a big media story out of it being 'impossible' then the crims keep using it, while they keep listening in.

</tinfoil>

SIX MILLION fingerprints of US govt workers nicked in cyber-heist

Ian 62

Biometric revocation?

So if a certificate is exploited, it can be revoked.

If a password is cracked it can be changed.

If your 2FA device is lost or nicked it can be replaced.

What are we supposed to do when biometric credentials are hacked?

If (or when) someone figures out a way to crack and exploit a biometric database, it's not like I can ask them to change my authentication details.

iCloud phishing attack hooks 39 iOS apps and WeChat

Ian 62

What hope do we have for the general public to understand computer security, if 'professional' devs are downloading materials for their jobs from unknown and untrusted sources!

SONY HACK WAS WAR says FBI, and 'we're still struggling to hire talent'

Ian 62

Wonder why he used the Sony hack as an example? Rather than the MUCH closer to home hack of the OPM (office of personnel management).

Or is that too much of a raw nerve to talk about yet?

Vodafone 'fesses up to hack of journalist's phone, denies 'improper behaviour'

Ian 62

If one 'rogue' employee

Can 'hack' away into a journalist's details, why would we trust government with backdoors into our data?

All it takes is one pee'd off civil servant and we're all caught with our trousers down.

Wangling my way into the 4K gaming club with a water-cooled whopper

Ian 62

Re: 4k vs VR

You only need a small VR screen in 4k a few inches from your face.. Rather than several panels at 30inch+ mounted all round.

I'd suspect for family entertainment we'll still have a 4k screen stuck on a wall.

Gamers will move to VR, if only for the sake of cost.

FBI may pillory Hillary with email spillery grillery

Ian 62

My boss would never allow it

I can imagine what would happen if I turned up in a new job and refused to use the company network or provided services. "Don't worry boss, I know what I'm doing, I'll run my own IT stuff"

A fairly short reply, which might not even have been polite enough to say something like, using the approved and provided IT services is a condition of employment.

Why would Her, or Her team ever think this was a) allowed, b) a good idea?

Download Fest goers were human guinea pigs in spy tech experiment, admit police

Ian 62

Re: Plan of action

It's a 'festival'.

2450 instances of a tiger were reported.

120 clowns.

5230 cats.

In unrelated news, the face painting tent reported a 2000% increase in customers.

Scammers going after iOS as fake crash reports hit UK

Ian 62

If you're bored

Seeing as these guys are operating as a business, time is money. The more time you can waste, the less time they're making money out of people that don't know they're crooks.

Oh yes, hang on, it's really slow you'll have to be patient.

Oh someone at the door, back in a moment.

Oh I've forgotten my password hang on.

Oh it's just crashed it'll need to reboot.

Oh my internet is really slow.

Oh my internet has stopped working.

You want me to install what?..... RICK ASTLEY!!

Heinz cockup sees Ketchup's QR codes spurt saucy sites

Ian 62

I've always thought QR codes were an exploit waiting to happen.

Here's a box of random squares, do you want to go to whatever site it may be?

I'm amazed no one has started printing their own on sticky labels, and pasting them over the 'official' ones on adverts and posters. 'Oh look a QR code on a poster for new shiny product, click, Oh that's strange it took me to malware.r.us.'

MOUNTAIN of unsold retail PCs piling up in Blighty: Situation 'serious'

Ian 62

Better not say that too loudly or your budget for next year will get slashed!

Use snooped data in court? Nah, says UK.gov - folk might be cleared

Ian 62

Parallel construction

I've heard talk of the US justice getting round having to reveal the help they get from the FBI etc by building a case on Parallel construction.

I assume it's something like;

The info we got from the FBI stingray says they are selling drugs from this house. But we can't mention that so we'll say we got a tip off from nosey neighbor.

or,

We're tracking his phone heading up the motorway. Let's fudge the DVLA database so local plod can pull him over for no record of insurance, then they can do a stop and search on the car.

Secret evidence? No need.

Fumbling Feds lose control of seized MegaUpload domains – to saucy vid slingers

Ian 62

Why think it's a cock up?

Having such a high profile site (even if it is now defunct) as megaupload becoming associated with the likes of warez and pron is a good marketing strategy to get it into the minds of the masses that sites like it must just be full of nasties.

/tinfoil

Windows and OS X are malware, claims Richard Stallman

Ian 62

Generally speaking, people want stuff that works. They want to walk into a shop, choose something, walk out with it. If it breaks take it back or ask someone for help.

Apple, since they opened their own stores you can now do this. Popularity in Apple stuff took off at the same rate as the retail store expansion.

Windows, was successful at work so people are familiar with it so they buy one for home, and they can ask the helpful IT geek at work to fix their home PC for them.

Linux has neither of these. Which distribution do you choose? Where do I get a computer that comes with it? Someone with the money needs to step up and force a distribution into shape and sell computers in a shop with the support network to go with it. Until then the masses won't be interested.

DDoS attack downs University of London learning platform

Ian 62

DDoS ate my homework

Check the assessment timetable.

Which class had an assignment due, probably more likely to be tech related subject?

Cross reference with whomever couldn't get their assignment finished because it was offline?

UK data watchdog: Massive fines won't keep data safe

Ian 62

Fine is a contract employing someone

How about a fine that directly funds someone else's job?

Leaky data, Pays a contract for a security consultant?

Dirty hospital, pays a contract for a cleaner?

Corrupt bank, pays a contract for an auditor?

Corrupt copper, pays a contract for legal advisor?

Crap school, pays a contract for teacher training?

Keeps the money going round, maybe gives a few real people some real jobs, and gets the problem directly addressed?

South Korea mandates spyware installation on teenagers' smartphones

Ian 62

Signal to noise

All the kids need to do is just add the keywords to the end of every message.

Parents will soon get fed up filtering through all the messages to see which ones actually had something interesting in them.

2013 data I can see says something like 60 messages a day each, as the app monitors incoming and outgoing that can be multiplied up by the number of friends each. Add in a couple years of growth, and the reduced cost of the contracts (free?).

I could imagine 100+ messages a day, on top of app and web activity. If all of them have #uptheduff in them when is a parent going to have time to check them all?

Starbucks denies mobile app hack, blames careless customers

Ian 62

Re: Surely time for different security....

Doesn't necessarily need to be a dongle.

Seeing as we're talking about mobile app, Starbucks could always plug the 2FA into the user's phone. Which, they've probably got with them if they're using it for paying in Starbucks already.

***beepbeep*** It looks like you're trying to top up, or moving credits, enter this following one-time code into the Starbucks app to confirm you really are you and you really wanted to move your starbucks-money around.

The data centre design that lets you cool down – and save electrons

Ian 62

Re: Immersion ...

If you watch a couple of youtube vids of lads building immersion gaming rigs you'll see the issues with it demonstrated on a small scale pretty quickly.

1) It's HEAVY. A cabinet full of kit needs a good strong floor, now imagine filling all the spaces around that kit with oil? Double? Triple? the weight.

2) It's messy. Want to change a network card? Got to turn it off, lift everything out of the oil, try not to make a mess, then put it back again without contaminating the oil too much in the process, or spilling it across the floor.

Graphic designs: Six speedy 17-inch gaming laptops

Ian 62

Resolution?

Are they all really only 1080 native screens?

With the power they're packing, and that they're 17" screens, would actually including a better panel increase the PRICEY price tags any much higher?

Conservative manifesto: 5G, 'near universal' broadband and free mobes for PC Dixon

Ian 62

Free mobiles for coppers, plus the snoopers charter? Nice way of finding out which reporters are talking to which policemen, without all that nasty bother asking judges to get the telecoms to hand over the data.

Encryption is the REAL threat – Head Europlod

Ian 62

What did they do before the internet?

I remember the days of terrorists blowing stuff up in the UK before we had email and twitter or Facebook.

What were the intelligence agencies doing then? They couldn't listen to everyone's phone calls or open everyone's snail mail, so they had to target the ACTUAL suspects.

They followed people, targeted surveillance, investigated clues and evidence.

Before the electronics I heard tales of agents hiding under the floorboards or in loft spaces to listen in to conversations.

Just because it's 'easy' to hoover the 1s and 0s as they fly past doesn't mean the old fashioned ways of doing things aren't still available to you.

For the money they spend on 'cloudy things' they could afford to have someone actually walking around behind the top list of suspects 24/7.

Force your hand: Apple 13-inch MacBook Pro with Retina Display

Ian 62

Re: Obligatory comparison with non-Apple laptop

As close a Dell as I can find. And the price/spec isn't that far off a match in either direction.

5th Generation Intel® Core™ i5-5200U Processor (3M Cache, up to 2.70 GHz)

Windows 8.1 Pro (64Bit) English

13.3-inch UltraSharp™ QHD+ (3200 x 1800) infinity touch display

8GB Dual Channel DDR3L at 1600MHz

256GB SSD

Intel(R) HD Graphics 5500

1.26 kg.

939 Ex VAT (£1126)

Bigger SSD

Higher Rez Display

Older CPU (I think)

You win some you lose some, but the prices aren't as far apart as I might have expected.

BT fixes home hub drop-out glitch ONE YEAR after denying flaw existed

Ian 62

Re: Wow BT is getting faster at responding to user problems

To quote from btbusiness support page: Your line may well be getting 72Mbps as far as the green box at the end of the street, but you're sharing the national infrastructure with everyone else.

"Although BT Business Broadband is a contended service, it’s no longer contended at the exchange level by the previous 20:1 and 50:1 ratios. However, this doesn't mean that you'll receive a one-to-one contention. The contention now happens at the national level and only at busy periods.

BT plans the whole network to provide good performance and shares its national infrastructure between all users. This works well, as consumer use in the business day is low, which gives a very good performance for business customers. An analogy would be the roads near your house. There’s enough capacity to keep traffic moving well at most times and sometimes there’s a bit of a slow-down. If everyone used their car at the same time, there would not be enough capacity."

Burning Man hackers get burnt

Ian 62

Re: The burn

Whereas in the UK we have festivals such as:

T-in-the-Park

70,000 + people in a muddy field in Scotland. You hope the mud is because of the rain and not the leaking urinal troughs. The portaloos are blocked with bottles of buckfast, so while you're at the stage having cups of 'hopefully' warm beer thrown at you, someone has decided to leave a cr@p in your sleeping bag.

or Glastonbury

175,000 + people in a muddy field in England. Where the mud is mixed with cow cr@p, yet diving in it for the press pack seems like a good idea at the time. The 10ft security fence is no help stopping the supply of drugs as the face painting tent is actually a secret tunnel.

Burning Man doesn't sound so bad.

After Brit spies 'snoop' on families' lawyers, UK govt admits: We flouted human rights laws

Ian 62

Cases thrown out due to mistrial

Maybe I've not drunk enough coffee yet, but I seem to remember something about this sort of thing causing a mistrial and cases/convictions getting thrown out.

Something about the irony of the spying that gets someone convicted is then used to overturn the conviction. How long before the appeals cases start popping up?

BBC: SOD the scientific consensus! Look OUT! MEGA TSUNAMI is coming

Ian 62

Only if you watch the LIVE stream, any delayed stream from iPlayer does not require it. Am sure that'd be an interesting case if it came to court. "He said, She said"

Quote from the tv licensing page:

‘Live TV’ means any programmes you watch or record at the same time as they’re being shown on TV or an online TV service.

An online TV service is a service that mainly aims to provide TV programmes over the internet, e.g. on a website or through an app or Smart TV.

If you only ever watch ‘on demand’ programmes, you don’t need a TV Licence. On demand includes catch-up TV, streaming or downloading programmes after they’ve been shown on live TV, or programmes available online before being shown on TV.

Hey Apple - what's the $178bn for? Are you down with OTT?

Ian 62

Too many providers

The problem with OTT/streaming whatever content is that there are many providers with different distribution rights and content. Which are provided via different set top boxes or services.

I shouldn't need to care which service I need to subscribe to so that I can see last year's episodes of Homeland or whatever, then a different service for last week's episodes of 24.

I'd be happy for a single box, that gave me a single interface to all the providers, Amazon Prime, Apple, Sky+, Netflix, BBC, etc etc. So that when I search for a series I want it'll go and find which service it's on, let me start watching it if I've already subscribed, or give me a 'Pay Now' option to start subscribing.

It's not re-inventing the wheel, it's not some miracle technology, it just needs someone that's good at packaging everything into a nice interface that works. Which Apple are actually good at. They could handle the billing for me (as they already do with Netflix), and even stick a banner at the top to say something like 'This stream provided by XYZ'.

Time and again it's been seen that people are happy to pay for content, IF it's easy enough.

Now not even muggers want your iPhone

Ian 62

It'll be the headphones they mug you for now

Those big over ear cans you see them wearing, £160+ especially if they're a silly colour.

"Nah mate, keep the phone, I said headphones!"

Keyless vehicle theft suspects cuffed after key Met Police, er, 'lockdown'

Ian 62

Having watched a few youtube vids of RepoMan, a US repossession agent, car security seems a bit of a waste of time. I realise he has spent some time and money customising a good recovery vehicle and he knows his business, but seeing how fast he can remove a parked vehicle is something of an education.

If you weren't concerned about doing it safely, or your business reputation, anything on wheels is a moveable feast!

'Boozed up' US drone spook CRASHED UFO into US White House

Ian 62

Re: For the Nth time

Assuming the wreck in the picture is of the 'flying machine' in question, I'd argue that it does (at times) classify as a drone.

Wiki for what it's worth defines a Drone as : An unmanned aerial vehicle (UAV), commonly known as a drone and also referred to as an unpiloted aerial vehicle and a remotely piloted aircraft (RPA) by the International Civil Aviation Organization (ICAO), is an aircraft without a human pilot aboard.

Oxford Dictionary: A remote-controlled pilotless aircraft or missile.

It's certainly not big enough to have a pilot on board, and when the model in the picture loses signal it attempts to fly home autonomously to its point of departure and land by itself.

Sounds like a drone to me.

UK.gov binds mobe operators to £5bn not-spot deal

Ian 62

Legally binding or not?

Not sure if it's only me that spotted the disparity in the report on the BBC?

""I am pleased to have secured a legally binding deal with the four mobile networks," said Culture Secretary Sajid Javid."

One vote for legally binding.

A Vodafone spokesperson said, "The voluntary industry commitment we have agreed with the government today will deliver 90% of the UK's land mass with voice services and a major improvement in mobile internet coverage as well."

One vote for voluntary.

Am betting we'll see some spin on this in a couple of years time with some he said, she said, you said.

Hacker dodges FOUR HUNDRED YEARS in cooler for SCANNING sites

Ian 62

Too subtle for me.

Maybe I've not had enough coffee yet, but the implication of the report seems to suggest that what this guy was doing is hardly worth mentioning.

Yes, ok, it's just a website. But it appears he was trying to gain un-authorised access.

Would you brush off an incident where someone was outside your house for a few days trying all the door and windows, then sitting at the front door and trying 1000s of keys in the lock to see which one worked?

"I've not got in M'Lord, I was just checking"

Assassin's Creed bugs shift setting to LSD-drenched 1960s Paris

Ian 62

<tinfoil>

No mention of the NDA for reviewers that actually lasted beyond public release?

</tinfoil>

Mastercard and Visa to ERADICATE password authentication

Ian 62

Re: W00h00

First time I encountered VbyV (many years ago) I called the card issuer and said "What is this?".

The call centre replied with, "We've never heard of it, so we've locked your card".

Frankly, it's been downhill ever since.

Can't remember your password?

Re-set immediately just by using the details on the card and the date of birth.

It's not like my DOB is very secret.

UK.gov pushes for SWIFT ACTION against nuisance calls, threatens £500k fines

Ian 62

It's a waste of time even complaining

I'm listed on the Telephone Preference service, have been for years, yet I still get calls.

Usually I tell the caller immediately that I'm listed and they are breaking the law to call me, normally they hang up pretty quick. Some occasions I do get the details of who they are, when reporting this to Ofcom I'm told 'There's nothing we can do'. So, what's the point again?

IT blokes: would you say that lewd comment to a man? Then don't say it to a woman

Ian 62

Re: Out the b*****ds

Hit them in the wallet.. It's one of the 'other' places that hurts.

If you've been offended, insulted, harassed by someone wearing their company shirt.

Go right up to that sales booth and tell them.

"I would have been interested in your product but one of your sales men was a total ass, so I won't be buying from you ever again"

Word WILL get around the company in question, even if it's not in official channels, the talk over the water cooler will cause embarrassment.

ISIS terror fanatics invade Diaspora after Twitter blockade

Ian 62

Re: There's probably more to it than that

And then we end up in the situation where...

"We attack place X, at Y time, on Z day"

That gets 'leaked' to some media or intelligence agency, the government of the day 'Has to act to protect the citizens' and we end up with closed airports, roads, rail, stop and search in the streets, and shut down telecoms.

Then the terrorists pee themselves laughing because for every one attack that they do actually perform they can terrify us into doing what they want another 10 times for free.

I'm more likely to catch a double decker bus in the face than be victim of a terror attack, but I don't see the government protecting me with a 'bus stop and search' every time I cross the street.

Premier League wants to PURGE ALL FOOTIE GIFs from social media

Ian 62

Aren't there a number of exemptions to copyright

And I give you two quick examples.

1) News reporting

Using material for the purpose of reporting current events is permitted provided that:

The work is not a photograph.

The source of the material is acknowledged.

The amount of the material quoted is no more than is necessary for the purpose.

2) Criticism or review

Quoting parts of a work for the purpose of criticism or review is permitted provided that:

The work has been made available to the public.

The source of the material is acknowledged.

The material quoted must be accompanied by some actual discussion or assessment (to warrant the criticism or review classification).

The amount of the material quoted is no more than is necessary for the purpose of the review.

So if you set up your twit/vine/facebook/youtube account as either:

Red top style news outlet.

Giving appropriate acknowledgements and only to show 'appropriate' amount.

Football Pundit.

Review or criticise the goal and again quote your sources.

But then.. Since when has copyright been for the 'little guy'?

Uber and Lyft sitting in a tree, 'c-a-n-c-e-l-l-i-n-g each other's rides'

Ian 62

Re: wait, what?

It's like Twitter and Facebook.

"We have xyz millions of accounts! Invest in us now."

But % are fake, bots, spammers, duplicates, aren't they?

"But look! we have xyz millions of accounts!"

But fake?

"Invest in us now!"

BUT....

"Invest in us now!"

Or rather, it'd be something like. "Our disruptive exponential growth of accounts in our new cloud based initiative presents a unique investment channel to realise multi percent point growth on your initial outlay of under utilised traditional economic funds."

Synology and the NAS-ty malware-flingers: What can be learned

Ian 62

Remember it's not just Synology

It shouldn't have happened. No argument.

But why the laser like targeting on Synology? Which appears to be far more aggressive than previous reporting for:

Onity

Sony

LinkedIn

eBay

Yahoo

Target

Orange

Microsoft

Apple

OpenSSL

Adobe

Dell

etc..etc..

You could at least slap all of them equally for their incompetence over the years.

Boffins build FREE SUPERCOMPUTER from free cloud server trials

Ian 62

Re: I did not know there *were* that many cloud providers. Or are they

Obligatory XKCD

http://xkcd.com/908/

It's Google HQ - the British one: Reg man snaps covert shots INSIDE London offices

Ian 62

Re: Why never any employees

@SoaG

I see what you did there :)

+1 subtle internet points to you!

Teensy card skimmers found in gullets of ATMs

Ian 62

Re: *dum de dum de da*

[citation needed]

I'd imagine/assume it works on the same principle as the Cineworld quiz app and those damn furby-ipad app combinations, lets the kids chat to the furby via an iPad app.

They encode a high frequency audio that you can't 'hear', but must annoy the hell out of dogs. So it's just broadcast out of a mini speaker and picked up by the microphone. The furby iPad combination was particularly painful for me at least. No one else in the house could hear it, and I only stopped twitching once the furby was 'humanely' put down.
