Sign in / up

back to article Pizza prankster's prisoner plea plot perturbs police, Norks invading and Uber woes

Here are a handful of security happenings in the past week that are worth noting - aside from what The Reg has already covered. Microsoft extends Windows 7 support* With everyone up in arms about the potential for hackers to influence the upcoming 2020 US presidential elections, Microsoft is offering to help local governments …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Khaptain Silver badge

    "Twitter has said it wiped around 10,000 accounts in Europe, the Middle East, Asia, and South America that were attempting to spread disinformation and sway public opinion on political topics."

    Does that mean the majorty of current politiciens have just had their accounts deleted, including OPTUS...."Orange President of The United State".

    Would love to know how the made the cut and also who paid for the cuts.

    12 4 Reply
    1. Pascal Monett Silver badge
      Reply Icon

      I think Twitter is doing not too bad a job. If you compare it to FaceBook, Twitter is a paragon of virtue.

      I won't ever use it and I think most of its users are nincompoops, but those who manage Twitter I have to grudgingly admit some respect for.

      5 4 Reply
    2. Rich 11
      Reply Icon

      Twit-in-Chief

      For some unfathomable reason the purge appears to have sidestepped North America.

      6 1 Reply
      1. vtcodger Silver badge
        Reply Icon

        Re: Twit-in-Chief

        "For some unfathomable reason the purge appears to have sidestepped North America."

        One possibility is that there are no sources of suspect information in North America.

        Another is that the job of identifying misbehaving accounts in North America is simply too large to contemplate.

        But most likely I think is that the best known North American source of disinformation on Twitter is the President of the United States. Canceling his account would probably annoy 40% of the population of the US. Not canceling his account would presumably annoy the remainder.

        10 3 Reply
  2. Alan Ferris
    Coat

    Ebay ebabe

    How is this a problem?

    13 0 Reply
    1. Mark 85
      Reply Icon
      Coat

      Re: Ebay ebabe

      Maybe it's a benefit then? I'll get my coat also....

      2 0 Reply
    2. Kiwi
      Reply Icon
      Coat

      Re: Ebay ebabe

      Because it enhances the pleasure of using a MS product? One glance at their UI will tell you how much they hate users liking their stuff!

      1 0 Reply
  3. Pascal Monett Silver badge

    Please explain

    Please explain why a voting machine needs an overblown behemoth like Windows to run ?

    Apart from the fact that the developers (and their managers especially) don't know anything else, of course.

    19 0 Reply
    1. Evil Harry
      Reply Icon
      Coat

      Re: Please explain

      So it can be hacked - obviously!

      13 0 Reply
      1. Yet Another Anonymous coward Silver badge
        Reply Icon

        Re: Please explain

        >So it can be hacked - obviously!

        So it can run anti-virus.

        You can't expect run an antivirus app on something like an 8051 or Arm M3

        7 0 Reply
    2. Michael
      Reply Icon

      Re: Please explain

      As the kid that wrote the software on a summer placemeny at his dad's pals company carefully crafted it using a visual basic script and excel to total the results?

      10 0 Reply
    3. vtcodger Silver badge
      Reply Icon

      Re: Please explain

      "Please explain why a voting machine needs an overblown behemoth like Windows to run ?"

      And while you're at it, explain:

      1) Why you would connect a voting machine to the internet.

      2) Why you would even think about updating the operating system on a voting machine.

      3) Why you continue to use voting machines when paper ballots are clearly more secure and the results are auditable.

      24 1 Reply
      1. Tom 35
        Reply Icon

        Re: Please explain

        When the GOP study voter fraud, it's not to stop it, it's to do it better.

        2 0 Reply
    4. hplasm
      Reply Icon
      Holmes

      Re: Please explain

      Plausible Deniability...

      12 0 Reply
      1. Yet Another Anonymous coward Silver badge
        Reply Icon

        Re: Please explain

        Or since this is America, undeniable implausibility

        4 0 Reply

    5. This post has been deleted by its author

  4. oiseau
    Facepalm

    Not little-known

    ... little-known function in Windows called BITS (background intelligent transfer services) ...

    Not little-known ...

    If I recall correctly from my long gone XP days, it was a well known avenue for hacks.

    BITS (along with Automatic Updates) was one of the many services enabled by default by MS that any minimally tech savvy user would outright disable or set to 'manual' immediately after installing XP.

    O.

    17 2 Reply
    1. FrogsAndChips Silver badge
      Reply Icon

      Re: "It is an attack you most likely will never face"

      Famous last words...

      9 0 Reply
    2. Kiwi
      Reply Icon
      Pint

      Re: Not little-known

      ... little-known function in Windows called BITS (background intelligent transfer services) ...

      Not little-known ...

      If I recall correctly from my long gone XP days, it was a well known avenue for hacks.

      Ahh, that would explain the sinking in my gut (and he stinking in the bog a few minutes later) when my eyes wandered across those words. I do now recall having to deal with to it a number of times, although details thankfully escape me.

      I am so glad I've mostly left the industry behind! :)

      0 0 Reply
  5. Paul Kinsler
    Joke

    This error message inconsistency allows attackers to infer

    Oh, good. Now, in order to maintain rigorous security, all error messages can no longer be even slightly helpful. They will just be along the lines of "Error code redacted for security purposes".

    Edit - wait - maybe even reporting an error at all is a loophole!

    13 0 Reply
    1. Yet Another Anonymous coward Silver badge
      Reply Icon

      Re: This error message inconsistency allows attackers to infer

      My new secure OS just boots with a single message, "We refuse to confirm or deny we are running"

      12 0 Reply
    2. Loyal Commenter Silver badge
      Reply Icon

      Re: This error message inconsistency allows attackers to infer

      On a serious note, I wonder if such information leakage can also happen through timing attacks. How careful have MS been to ensure that a 'file not found' message takes the exact same time to arrive as a 'file access denied' message? In other words, can you infer the existence of a file by the differnece in time it takes to report the "cannot access" message when the file exists, and when permissions are denied? Presumably if the file doesn't exist, it requires only a directory check for it, but if it does exist, but is inaccessible, some sort of security check is required (with additional reads) that may take longer. Have MS countered this (for example by randomising response times, or adding a delay to existence checks)?

      6 0 Reply
      1. oiseau
        Reply Icon
        Facepalm

        Re: This error message inconsistency allows attackers to infer

        Have MS countered this (for example by randomising response times, or adding a delay to existence checks)?

        Of course it has.

        Or do you think MS is in the habit of foisting uncooked and bug-ridden OSs on it's unsuspecting victims customers?

        Really now ...

        O.

        4 0 Reply
    3. Tom 35
      Reply Icon

      Re: This error message inconsistency allows attackers to infer

      Windows 10 BSoD

      See X98CX98VX98CV9X90XC9X98X8V9080CXV for more info

      Google X98CX98VX98CV9X90XC9X98X8V9080CXV

      Something happened.

      0 0 Reply
      1. Kiwi
        Reply Icon

        Re: This error message inconsistency allows attackers to infer

        Google X98CX98VX98CV9X90XC9X98X8V9080CXV

        Well, DDG brings up a lot of documents and other stuff but nothing mentioning Windows or MS.

        That data-thieving crowd gives no results for that string.

        Can you enlighten us please? :)

        0 0 Reply
  6. Chris G

    Let me get this right

    The Air Force needs a contractor to get them into the cloud?

    10 0 Reply
    1. FrogsAndChips Silver badge
      Reply Icon

      Re: Let me get this right

      And will AWS be allowed to bid?

      Trump discovers $10bn JEDI cloud deal may go to nemesis Jeff Bezos, demands probe

      0 0 Reply
    2. John Brown (no body) Silver badge
      Reply Icon
      Thumb Up

      Re: Let me get this right

      "The Air Force needs a contractor to get them into the cloud?"

      Well, they don't build their own aircraft :-)

      3 0 Reply
  7. david 12 Silver badge

    Obsolete Win7 operating system.

    Just to be clear, that is the soon to be obsolete operating system.

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like