Posts by Sora2566

225 publicly visible posts • joined 14 Jun 2022


Google apologizes for breaking password manager for millions of Windows users with iffy Chrome update

Sora2566 Silver badge

Re: No Master Password?

Google is of the opinion that if someone is logged in as you, then there's nothing you can do that will stop them from figuring out your passwords. Which may or may not be true from a technical standpoint, but at least Firefox doesn't make it *easy*.

Oops. Apple relied on bad code while flaming Google Chrome's Topics ad tech

Sora2566 Silver badge

Okay, but like... I don't want a 3% re-identification rate either? Especially when Topics are just going to be one data point amongst a sea of other data points? I want that re-identification rate to be zero - or at maximum 0.0001%.

Release the hounds! Securing datacenters may soon need sniffer dogs

Sora2566 Silver badge

That doesn't help for the case where the card is stolen.

Sora2566 Silver badge

I mean, if the keycard is the only thing you need to enter a building, you do have to prepare for the very ordinary case that the card is just stolen, or cloned using non-implant tech...

Antitrust: GoDaddy under fire for banning DNS automation tool in favor of its own

Sora2566 Silver badge

Huh. Surprised GoDaddy didn't follow the standard playbook of buying the smaller operator out and ruining their product in the endless search for more monetisation.

FBI, cyber-cops zap ~1K Russian AI disinfo Twitter bots

Sora2566 Silver badge

And so the game of whack-a-mole continues...

Australia to build Top Secret cloud in AWS for military and spooky users

Sora2566 Silver badge

I'd be a lot more keen on this project if I didn't know it was being built by Amazon.

War on Texas law requiring ID to savor smut online heads to Supreme Court

Sora2566 Silver badge

I know there's an attitude prevalent in government - well, more of a desperate hope - that technology can fix any problem.

This is a problem that tech cannot solve. The only solution to this one is *actually good parenting*. Pretending otherwise is just pandering.

So much for green Google ... Emissions up 48% since 2019

Sora2566 Silver badge

After Bitcoin mining rigs, I would have thought we'd have learned our lessons about giant power-hogs that add nothing of value to the world...

If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately

Sora2566 Silver badge

Re: Integrity

The entire point of Polyfill.io was that it would only serve up the polyfills that you *needed*, by checking your browser versions. So it returning different scripts to different people was by design.

Meta, Microsoft SQL Server make strange bedfellows on a couch of cyber-pain

Sora2566 Silver badge

Re: why should enterprises be allowed to run out-of-date software?

I think that when the author here is talking about "fresh" software, they mean freshly *updated* software, not freshly written software. Software that hasn't been updated in 10 years is probably full of bugs that were discovered five years ago but never fixed.

And if it *was* updated recently, but you're still using the version from 10 years ago...

Google’s attempt to kill off child privacy app advertising lawsuit defeated

Sora2566 Silver badge

And people wonder why people think America needs federal privacy laws... and good ones.

AWS is pushing ahead with MFA for privileged accounts. What that means for you ...

Sora2566 Silver badge

Re: Non-changeable key

No, but a smartphone-based passkey requires *both* your phone and your face. It's much harder to get both of those.

US Surgeon General wants cigarette-style health warning labels on social networks

Sora2566 Silver badge

Good - a "think of the kids" initiative that isn't completely stupid.

What's up with Mozilla buying ad firm Anonym? It's all about 'privacy-centric advertising'

Sora2566 Silver badge

This is now a huge conflict of interest for Mozilla, and I'm upset to see them do this.

EU attempt to sneak through new encryption-eroding law slammed by Signal, politicians

Sora2566 Silver badge

But but but

think of the children

Japan forces Apple and Google to allow third-party app stores and payments

Sora2566 Silver badge

Go Japan! Suck it America!

...hang on.

Waymo issues software fix after driverless taxi hits telephone pole

Sora2566 Silver badge

See, there's a problem when the company doesn't have to disclose how many accidents its cars get into... we end up with very conservative estimates of how many accidents they get into.

Tesla's Autopilot false advertising tussle with California DMV must go to trial

Sora2566 Silver badge

Re: If false advertising was enough to stop products being sold...

I learned a new word today!

FTX's $24B tax bill written down to just $200M

Sora2566 Silver badge

Man, it must be nice to be a corporation; I wish I could tell the government that I'm only going to pay 4% of my taxes and not get arrested for it.

Uncle Sam to inject $50M into auto-patcher for hospital IT

Sora2566 Silver badge

Re: I can see it now...

To be fair, *some* SAs absolutely should be prevented from getting in, as they'll just break everything.

Dropbox dropped the ball on security, haemorrhaging customer and third-party info

Sora2566 Silver badge

As it turned out, the answer was "rotate our API key, because Dropbox had restricted our existing one".

Sora2566 Silver badge

I don't suppose anyone knows if people who use Dropbox Sign's API need to do anything?

Cops developing Ghostbusters-esque weapon to take out e-bike thugs

Sora2566 Silver badge

Re: Because you don't want to accidentally brick a Tesla

> Why they can’t use the road is beyond me, it’s not busy or dangerous.

Sounds very much like someone who has never ridden a bike or scooter on a road. The number of near-misses I've had...

I've had cars cut corners by swerving *into the bike lane*, directly in front of me! I'm not sure they even knew I was there!

Microsoft, Google do a victory lap around passkeys

Sora2566 Silver badge

Re: Farcical

Violent criminals will beat you with a $5 wrench until you unlock your device.

Police will show you a warrant and throw you in jail if you do not comply.

A million Australian pubgoers wake up to find personal info listed on leak site

Sora2566 Silver badge

Re: Why keep so much info?

If you read the article, you might also have spotted the point that some of these clubs are set up to cater to military vets, and offer discounts to the same. So before offering you half off on your drinks, the business should verify that you actually served.

Still doesn't explain why they would keep the license or such on hand afterwards, but I do understand why they would need this information (providing it should be voluntary, obviously - you might well think that your privacy isn't worth the discount even if you *are* a vet).

Sora2566 Silver badge

Why keep so much info?

Why did this service even keep driver's licence details, let alone biometrics? After confirming they're legit with whatever gov body handles that, isn't all you need to record just the fact that you verified it, not what you verified?

Japan will use AI to find out what bears do in the woods

Sora2566 Silver badge

Re: I wonder how many of us are old enough

If you go out to the woods today...

Personally I prefer "We're going on a bear hunt; we're going to catch a big one; I'm not scared!"

Senate passes law forcing ByteDance to sell off TikTok – or face a US ban

Sora2566 Silver badge


That'll put the cat amongst the pigeons.

Australia secures takedown order for terror videos, which Elon Musk wants to fight

Sora2566 Silver badge

Re: Australian jurisdiction, Australian rules

Only if Twitter has offices in Russia or takes money from Russian advertisers, and if so my next question is *WHY*.

Elon Musk's X to challenge Australian content takedown orders in court

Sora2566 Silver badge

By that logic, no country can slap regulations on any cloud-based organisation at all.

If Elon doesn't want to be subject to Australian law, all he has to do is completely pull Xitter out of Australia altogether. Until he does that, he's still on the hook - at least for that part of his business.

FYI: This site claims to have harvested 4B+ Discord chats, today all yours for a price

Sora2566 Silver badge

Ban data brokers from orbit. It's the only way to be sure.

Roku makes 2FA mandatory for all after nearly 600K accounts pwned

Sora2566 Silver badge

Re: Credential stuffing and password spraying

Who wants to be the one to tell AC about botnets?

Microsoft brings World of Warcraft and other Blizzard titles back to China

Sora2566 Silver badge

Bill Gates hasn't run Microsoft in... I'm pretty sure actual decades.

Google bakes new cookie strategy that will leave crooks with a bad taste

Sora2566 Silver badge

Re: Wait, what?

They were (and are) getting rid of third-party cookies, not first-party cookies, which are essential to any website with a log-in page.

X's Grok AI is great – if you want to know how to hot wire a car, make drugs, or worse

Sora2566 Silver badge

Re: What is so bad about knowing how to hotwire a car?

The hotwiring the car bit isn't the part they're really worried about, it's the child predation instruction material that's really worrying the researchers.

Google will delete data collected from 'private' browsing

Sora2566 Silver badge

The article mentioned they had to delete the data of Safari, Edge and even IE users - but not Firefox users???

Sora2566 Silver badge

...but they don't have to delete the data of Firefox users who might have been using Private Mode?

China encouraged armed offensive against Myanmar government to protest proliferation of online scams

Sora2566 Silver badge

At the government level, this is evil vs evil, with all the little people suffering in the meantime...

SEC cleared to take securities beef against Coinbase to trial

Sora2566 Silver badge


Somehow, I don't see charging old grannies who had no idea what they were getting into with grand fraud going over well.

Congress votes unanimously to ban brokers selling American data to enemies

Sora2566 Silver badge

Did you read the article? The bill specifies 'enemies' as "North Korea, Russia, China or Iran, or any company controlled by those countries".

Sora2566 Silver badge

Re: Good luck...

This bill specifies who the enemies are, though? "North Korea, Russia, China or Iran, or any company controlled by those countries".

Though of course that means that the law will need to be updated if that list ever changes...

Hong Kong promises its latest national security law is not a ban on social media

Sora2566 Silver badge


Another glorious victory for the Motherland. Down with freedom.

(Please imagine I am speaking in the least enthusiastic voice imaginable).

Crypto scams more costly to the US than ransomware, Feds say

Sora2566 Silver badge

Er... is that last paragraph technically inviting vigilante action? Is that the sort of thing the Reg could get in trouble for?

YouTube creators must now 'fess up to using AI in vids

Sora2566 Silver badge

So that's Steam... YouTube... the big one, of course, will be adverts. Especially political adverts.

Filipino police free hundreds of slaves toiling in romance scam operation

Sora2566 Silver badge

I remember reading in high school that there are more slaves today than there have ever been in any other point in history, despite slavery now being illegal in every nation on Earth.

Wonder if that's changed at all?

Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant

Sora2566 Silver badge

Re: Safe Browsing API to look up websites

That's like trying to design a car that cannot be taken on an unsafe road?

Sure, it could be done, but all the simple ways to do that involve crippling the car's ability to drive *anywhere*.

Oh look, cracking down on Big Tech works. Brave, Firefox, Vivaldi surge on iOS

Sora2566 Silver badge

Re: Surging how much

That's why the choice screens are so important

Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability

Sora2566 Silver badge

Ay, caramba... yes, there's a point where you go "Well if they control this they already own the computer", but when you know that a Black Hat is actively exploiting this "trick"...

We're not Meta support: State AGs tell Zuck to fix rampant account takeover problem

Sora2566 Silver badge

Just to play devil's advocate for a minute here, what do the AGs want Facebook to do? If the account has its phone number reassigned and/or suffers from a credential stuffing attack, then what's happening is that the attacker is logging in using the valid user's password and with their 2FA code. How are they supposed to know that this isn't the user?

I'm sure they want Facebook to "find a solution", but aside from forcing mass adoption of Passkeys, I'm not sure what Facebook can do? (And then we get into the problems of re-educating the tech-illiterate masses as to what a passkey is and locking them into their current tech ecosystem...)
