* Posts by Chronos

1257 publicly visible posts • joined 21 Oct 2007

Brit porn filter censors 13 years of net history

Chronos
Unhappy

ISPs

Zen, AAISP, UKFSN, any Entanet reseller, O2/Be (who'da thunk?) and possibly Zetnet. Even some of these are castrated by bandwidth caps and a lot of smaller ISPs who had a good rep in the past (Nildram used to be good) are owned by Tiscali, Italian for crap. Expect to pay £35+ PM for any reasonable service, more if you want a static IP or block thereof.

By the way, Cade, could you please change "Brit telecom" to "Brit telco," which is what I think you mean? Some may think that Thus are another tentacle (testicle?) of Phorm's bitch BT, which they are most assuredly not.

On the subject of riots, there was one. One of us threw the keyboard out the window last month, which is about as close as we come to civil disobedience these days. Nobody noticed, but it were a riot t' us.

Unsmiley: I am very unhappy with the dire state and poor choice offered by UK ISPs and wish to express both my discontent and dismay at the vast levels of cluelessness in the AOLers that now run them.

Take a hammer to your hard drive, shrieks Which?

Chronos
Stop

Christ on a bike!

We're not using MFM or RLL drives any more. Secret voodoo data pattern guys please take note. This has been done to death and the consensus is that DBAN on 3 (if you're in a hurry) or 7 (quite safe) pass random+zero is sufficient for any modern drive. Anyone using the Gutmann 35 pass either doesn't know what he's doing or has far too much time on his or her hands, and this was decided back in 1996 by the man himself. dd if=/dev/urandom of=/dev/hdN a few times followed by dd if=/dev/zero of=/dev/hdN will achieve exactly the same thing. DBAN gives you a progress indicator and a nice interface, though, and since it's free there's no reason not to use it, apart from possibly predictable entropy using a live CD.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

Powermat cuts ties with cabled power

Chronos
Joke

Re: Three Words...

It's actually two (Electromagnetic Compatibility) but since the sole criterion for compatibility has become "the screwdriver doesn't vibrate at 50Hz from ten feet away and it hasn't cooked the canary" and the CE stickers are generally attached just after the failboat's containers are unloaded these days, the C has become an F, Electromagnetic Free-for-all, and nobody cares. At least you don't need a huge amount of money for an EM isolation booth, spectrum analysers and log periodics any more. And here we all thought it stood for Electromotive Force.

What are you, some sort of radio amateur or something, worrying about the RF spectrum when there's bugger all on there below 97MHz but ex-CBers and static interspersed with the occasional IK9RYH baiting session on 14.195? Don't you know that halfwits, boiler thermostats and crap switched-mode PSUs own the bands these days?

...-.-

As an aside, I'll bet a pound to a pinch of excrement that these make excellent degaussers. Are you imagining the hilarity that I'm imagining? I also wonder how well they cope with a loop or two of rather beefy wire (like, say, a pair of wire framed specs) carelessly dropped right on top of one? Flames or a dead fuse first? I'm not taking bets but I'll have a fiver on flames, just because it's flames I'm rooting for, if anyone else is running a book. Makes good headlines on The Reg, don't you know... ;o)

Being serious for just a second, I really don't see the point. Of course, I also don't see the point of those solar patio lights, even though everyone else seems to, so it could just be me.

Tech industry still leaving dirty great footprints, says Greenpeace

Chronos
Flame

Ain't that a shame?

Come back when anyone gives a shit about Greenpeace. Even its founders are starting to say it has lost the plot:

http://www.washingtonpost.com/wp-dyn/content/article/2006/04/14/AR2006041401209.html

Google picks up third spot in spam-friendly shame list

Chronos

ISP != ISP

Spamhaus uses "Internet Service Provider" in a slightly different way to Joe Public. Basically, if you're providing a service, such as hosting or mail transit and you have an ASN, you're an ISP or NSP (network service provider).

Online crime maps go live

Chronos
Flame

North Wales

Is down for maintenance already. Is EDS involved or has Brunstrom set fire to the headquarters after climbing through a window again? :o)

http://www.north-wales.police.uk/nwpv2/en/error.htm (Honestly, it really does link you to an error page from the main site http://www.north-wales.police.uk/nwpv2/en/home.asp)

Fire, just because...

Tories pledge high speed broadband for all in 10 years

Chronos
Flame

Broadband?

What's the bloody point of having broadband if Labour is going to have the Internet a smoking ruin and a shadow of its former self by the time you ever get the chance to do anything to provide it? Burham's filters, Smith's invasive IMP, Phorm, legally sanctioned malware and cracking and RIPA's encryption provisions will make this a meaningless gesture.

For fuck's sake, Cameron, get a bit of perspective. What we want is less of this invasive, nanny-state bollocks and a bit more freedom and privacy. Broadband will get sorted by market forces on its own. Sort out parliament's ideas first. Let me just ask you this before I decide to vote Conservative in the next election (since any other vote will let the nannies back in again): Are you more a Conservative Libertarian or a Conservative Authoritarian? There's a huge difference between these two and one I couldn't even consider voting for under ANY circumstances. If you're a Libertarian, PROVE it and grow a pair, would you? Don't fuck about "fixing" what isn't broken, just fix what really is broken: The British citizen's rights and privacy.

/me takes a deep breath, rolls a cigarette and returns to enjoying what's left of the Internet while we still have an Internet to enjoy and while I can still enjoy a cigarette without some damned nannyist dashing it from my very fingers in "righteous" indignation. Apologies for the language, but everything else seems to have failed to get the point across to these twits.

Fujitsu tells WD the deal's off

Chronos

re: Things to be thankful for.

@Chris C: Funny thing about the new Raptors and, to a certain extent, the RE2s. Some of them simply will not negotiate with SATA 150 controllers without the jumper in place (pins 5&6 of the feature block off the top of my head), giving the impression of a DOA drive, yet some will work perfectly without it. I have an RE2 sitting on the bench right now that refuses to work correctly (LBA timeouts, looks terribly like bad sectors) with a Via (ick!) based southbridge, yet sticking it into my test box and running WD's own diagnostics, along with smartctl and testdisk on BSD, shows the thing to be perfectly healthy. One wonders just how many of these "failures" are due to poor HBAs, cabling and power issues. When designing servers myself, I usually use HBAs such as the Highpoint or Areca to ensure this doesn't present a problem.

That said, I'm sure you've covered all of this yourself, so I don't doubt for one second that you have had actual failures. I found the WD Proteges (usually fitted to OEM kit. They're not that common) to be probably the worst series for returns, although it was nowhere near the level of incompetence you suspect when a whole batch of Seagates (this is recent) with the place of manufacture indicated as China ALL coming back as faulty within days. As you say, there are failures with all manufacturers these days, as Storage Review's database clearly shows, but I think it's fair to eschew a particular brand when they show the levels of incompetence that Maxtor-Seagate and Fujitsu have in the past, especially when it makes you look incompetent yourself to the non-technical.

Again this is personal experience, but I have seen a total of one failed Samsung Spinpoint, probably due to not having used or shifted too many of them. This was due to someone thinking the breather was a "reset button" and prodding it with a pin. No matter how idiot-proof you try to make something, nature still seems to be ahead with the idiots :o)

Chronos
Happy

Things to be thankful for.

I can't imagine what the outcome would have been to throw the people who gave us the MPG/MPF series fiasco into a quality manufacturer such as WD. I wonder would the result have been the same as the Seagates being manufactured in China by the Maxtor people who gave us the stunningly reliable DiamondMax 9?

I have a long memory and have avoided Fujitsu drives since the late '90s. Remember this one? Drive in the freezer to allow the Cirrus Logic controller that had been baked beyond recognition (damages the dielectric film between the encapsulation and the die, releasing the phosphorous flame retardant in the encapsulation which rapidly becomes phosphoric acid and eats away the metal interconnects allowing the ions to migrate and form shorts between pins) to contract back to some semblance of normality, hopefully removing the resultant internal shorts for long enough to get your data off. Maybe. It became apparent that a long ATA cable and a freezer with a fat seal was required.

PCBA swaps were infeasible as there were so many damned variants of the things, they all had different (hidden) sector reallocation tables and the chances were they had ALL been reflowed with the wrong profile. Worse, most of the bloody Dells, Compaqs, HPs and even some IBMs produced at that time had the buggers in 'em and they, to almost a unit, failed at about the same age. Idiots. Obviously the process engineering department's week off. That, or Cirrus didn't translate the data sheet for them, so quite naturally Cirrus got the blame for their "poor choice" of encapsulation. Note that Seagate, using the same controller (on the ST3x "rubber johnny" variants, I believe), didn't see anywhere NEAR the same failure rate. Draw whatever conclusion you wish from that.

At this rate, only the Samsung Spinpoints are going to be seeing the inside of my machines. Hitachi Deathstars and Travelstains have too many memories attached to them. Roll on cheap, reliable SSDs. Even the Chinese couldn't botch up one of these... could they?

Clickfree Backup external hard drive

Chronos
Joke

Divorce

I suppose I'd better clear up that comment above.

Her: I want a divorce.

Him: Yes, dear.

Her: I want the kids, the car and the house and £300 a week.

Him: Yes, dear.

Her: That's it?

Him: Yep.

Her: Nothing you want?

Him: Nope, I already have all I need.

Her: What would that be?

Him: I've got the airbag.

Chronos
Coat

Hate to be a pedant, but...

Airbags are actually a dangerous idea without seatbelts. In a frontal collision, you're already moving before the airbag fires and, given that it fires at head/shoulder level, guess what gets snapped backwards when it does fire as the rest of you is still trying to travel at the same rate as the car was a moment before? The whole point of an airbag is to stop your head moving too far forward and then whipping back into the headrest. The seatbelt's job is to immobilise the rest of you, which is why cars with airbags (SRS or *supplementary* restraint system) also usually have seatbelt pretensioners.

If you really must drive around without a seatbelt on, you're better off disabling the airbags. Car manufacturers have known this for a long time, which is why you can disable the passenger airbag (Toyota owners, open the passenger door and check the end of the crash padding, you'll find a keyhole for just this purpose. This is not for use in pre-divorce situations, though) for those who, for medical reasons, cannot wear a seatbelt. Without a seatbelt, you're slightly more likely to survive if the airbag stays the hell out of it, assuming you don't go through the windscreen instead. Another little tip: Always make sure the whining git who can't wear a seatbelt is in the FRONT passenger seat where their flying corpse isn't going to decapitate any other poor sod.

Off topic? Yep, surely, but tapes are still the ultimate in backup reliability [1] so I didn't really bother with yet-another-mechanical-hard-drive-point-of-failure false sense of security product. Just like airbags, really. The best way to stay alive is practice defensive driving, assume every Volvo is on auto-pilot with a very primitive AI, let every BMW pass safely and stay the hell away from the noobs and flat-cap-and-glasses mob. The best way to back up your data is still "do not trust hard drives or optical disks that have a shelf-life of a cheap loaf." Those of you using the DVD backup and archive method, use Taiyo Yuden based disks, preferably DVD+R, and nothing else. Trust me on this one.

[1] A bulk eraser has yet to be made that can erase a DDS tape successfully. http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

Private firm may run UK spy über-database

Chronos
Go

OK, fess up...

Who the hell is this Sir Ken Macdonald and how did a competent person ever get into a position of power? There is a failure of standards here and lessons must be learnt. I also failed to see a single buzzword or one piece of spin, so I suggest this man skipped the mandatory training. Not acceptable, people! PR are going ape over this and Wacky Jacqui is breaking things (in an opposition member's office, naturally).

In other matters, Mr Burn 'em was found crouched in a corner of the cabinet office rocking back and forth and gurgling to himself about filters. Please could the canteen staff keep the coffee machines fully stocked in future? This sort of thing does us no favours with the proles.

Proceed, because they will.

OMTP opens up to new members

Chronos
Jobs Halo

The second coming...

Had they included Apple in the list of incoming members, the timing of the announcement would indeed have been appropriate. Of course, there's that word "Open."

Sorry, just couldn't resist ;o)

Mozilla hastily shoves Firefox updates out door

Chronos
Joke

Heh

That'll teach us for gloating at the poor old IE users, eh?

Nice to see the Google spyware gone from V2, as well. If that doesn't get me flamed, nothing will. I need a few flames; it's rather cold today ;o)

Apologies after teacher's 'Linux holding back kids' claim

Chronos

The point?

It's over here and some people seem to be missing it. -------> .

This isn't about what they teach children, although some of that is bad enough. This is about stifling the natural curiosity of kids of a certain age endowed with a bit of grey matter. It's also not about zealotry. I don't particularly like "Linux" as there seems to be far too many distros, a mish-mash of other people's preferences and umpteen different package managers, filesystems, filesystem hierarchies and configuration layouts [1]. What this IS about is letting kids discover things on their own, rather than being force-fed the usual bull, half of which will be proven totally wrong in the next decade or so anyway because, collectively, we ain't nearly as smart or advanced as we think we are.

Think back, if you were around then, to the time when the eight bit era was in full swing and we were all writing programmes in assembler for Z80s and 6502s? Remember the fun we had, even when the Magic Blue Smoke escaped from the bus port because we'd bridged two tracks on the Veroboard? Bringing shit to school and comparing notes with your friend with the ZX Spectrum 48, breaking and then hurriedly unbreaking the school Econet before you get caught and watching the Winchester spin up? The ribbon cables, the components, the EPROM burners, hot soldering irons, 5.25" floppies, tape decks with Schmidt triggers bodged onto the cable because that's the only way you could get the levels right and the noise down? The next wave of this very thing is what's being denied kids with a little curiosity because it's not what the system wants. They don't want creative, intelligent, thinking human beings coming out of the other end of the system. They want obedient consumers who aren't going to try to jailbreak their messiah 'phone, aren't going to replace the OS on their trojan ridden, marketing friendly, corporate sponsored computer and are going to simply buy a new gizmo when their old gizmo breaks.

This teacher confiscated a kid's own property, stopped him talking to his fellows about the exciting new way he had found to satisfy his curiosity about how computer systems worked and punished him for expanding his horizons and encouraging others to come and see what he'd found. If that's not wrong then there is something around here that's seriously fucked up and I see no reason in the conciliatory update to change my opinion. Besides, it's really not her at whom the ire is directed, rather the system that produced her and those like her. Really, she's just another victim of the mindset that is causing all of these problems.

As for "thrown to the wolves," let's take your metaphor and run with it. Usually, wolves stay in their packs, howl at the moon, eat, breed and stay the hell out of the way. However, they are usually very good parents (far, far better than humans) and the whole pack will come for you if you beat one of their pups over the head to the point it can't think for itself any more. That's the issue at play here, not the warring factions of proprietary and open source software, individual personalities or one ignorant teacher overstepping the bounds of her "authority." It's like calling to like and the realisation that the intelligent are being denied their rights and having their intellect stifled at the very time it should be left to develop naturally.

[1] That said, it works *for its intended audience*. You want a simple desktop? [U|Ku|Xu]buntu depending on your poison for the DM. Want a decent server? Centos. Want something similar to MS Server with lots of GUI config tools? SuSE. Want something you can customise to death? Slackware. My point was that it is a minefield.

Chronos

Yet again

...George Carlin is proved right. School in the US is the place where children are sent to be stripped of every trace of individuality and forced to become conformist consumer automatons bowing to the will of their corporate masters. Just like the UK, in fact.

I will miss that man. He, at least, knew what the fuck he was talking about.

Pirates pee on Amazon's MP3 parade

Chronos
Coat

Re: FINALLY

Sadly, the freetards are spoiling it already. Just WTF is the point? Yet again, we have two competing extremists making life awfully difficult for the rest of us. Whatever the freetards say, recording quality music (if such a thing exists these days) costs money, so those costs and some profit MUST be recovered for music to be a viable career choice. Whatever the Industry Ass. mob say, DRM is obstructive and demeaning to their customers. So, freetards to the left of us, arseholes to the right...

My coat, please. I've had enough of this fight. All I ever wanted was to be able to stick legitimate, paid-for audio files on my music partition and be able to play them myself (not share them with anyone - I'm not a great believer in this altruistic "what's mine is yours" bollocks) anywhere. It's back to buying polycarbonate and spending half an hour making them into Ogg Vorbis files for me. I know format shifting is technically illegal right now (in the UK. The US has fair use, we don't but there is change in the pipeline) but it's far, far better than either of the two extremes.

By the way, am I breaking the law if I make those files available to family members on their machines in the same household (netgroup secured NFS with ACLs)? I always wondered, because what you pay for when you buy polycarbonate Frizbees is a licence to reproduce the audio for personal use, leaving aside the format shifting being technically illegal in itself.

Study spanks Adobe Flash for abuses of power

Chronos

Do we care?

This is the question one must ask. Are these green issues reality, or is carbon dioxide simply a very small variable in a larger, much less well understood overall situation than these "experts" would have you believe. For example, albedo and water vapour play a much larger part in GMST.

So, is this "carbon footprint" newspeak really about "saving the planet" (which is, to my mind, arrogant in the extreme since the planet has been here - FSVO "here" since Earth moves and never ends up in the same place twice - a darn sight longer than humanity) or is it just lining the pockets of these so-called "researchers" and giving government an excuse to increase fuel duty and the French an excuse to charge us the same for off-peak power that we were paying three years ago for peak units?

Besides, who the hell suffers animated ad banners these days? I haven't seen one for ages. Silverlight? No support in this OS (not Lunix) and anyone using it is essentially saying "Windows only on my site." Which is fine since it's their site and if it needed jazzing up with animated shit, it probably wasn't worth looking at in the first place. Animated GIFs? Guys, seriously, 1995 called... As for punching the monkey, I'd rather slam a bunch of fives into the face of whoever thought of it, assuming that said lobotomy recipient would notice. Same response for anyone, ANYONE, who adds a music track to their home page, usually some new-age bollocks or a little jingle that gets on one's tits after the first bar and has you reaching for the speaker power switch before the wife hears it and thinks you're going soft.

When considering ads, the rule is if it is more than a few lines of text, it gets blocked. Nothing to do with being an ecotard, more to keep me sane when using today's corporate sponsored, "monetized" electronic billboard that is the web and stopping these retards using the bandwidth I pay for just to annoy me. And Google? Please. Its ads are the right format, but it wants to know you. It wants to know all about you. If it were a person, you'd have it in court for stalking. Everywhere you go, urchin.js is there waiting for you.

Now I just need to filter all the Pricegrabber, Kelkoo and similar shit from my web searches and my "web experience" will be almost bearable. Oh, and for those who are tired of speedtest.net's Flash interface that makes you wonder why the hell you bothered putting together that Core2 Extreme QX9775 box with 8GB of memory and two 4870X2s in crossfire when a simple speedtest still looks like a runaway process, try thinkbroadband's Java test. It actually works without making you run all manner of benchmarks afterward just to reassure yourself that Intel haven't stuffed a 386 SX into an LGA775 package.

Do I care about how much power my machine uses? You bet I do, since the French have me by the bollocks. I give less than half a shit about CO2, but when the frogs keep on sending me extortionate bills just for vibrating a few electrons in my wires, I take notice. Did that figure in my draconian ad blocking scheme? Did it buggery. My SANITY figured heavily in my draconian ad blocking scheme.

Satanic net neologisms - nominations invited

Chronos
Flame

Just one letter.

U. Like they couldn't be bothered to type "you." Or UR, M8, any of these. Often found lurking in IM and IRC, people like this should have their fingers removed and be forced to type with either their noses or the other useless appendage they usually have dangling limp and floppy from their foreheads.

Can't be bothered to type properly? I really can't be bothered to read your drivel, either.

Heidemarie 'Toolbag' Piper set for second spacewalk

Chronos
Coat

Re: up or down

Perhaps "Unplanned Orbital Insertion?" It certainly sounds better than "accidental test of the NEO tracking capabilities of NASA." Maybe they're getting ready to throw some more useless junk overboard and are looking for a good way to lose it to keep the ecotards from getting upset.

As for missing arachnids, how many people are aboard the ISS? Was there a leg each?

Mine's the one with the slightly singed fragments of tools and a grease gun in the pockets...

UK.gov tells domain industry to get its house in order

Chronos
Alert

Here we go again.

Something else they understand little, if anything, about for them to bugger up. Plus ça change...

Mind you, IF they can get some of these brain-dead registrars to discover that the automaton really does accept IPv6 glue as the third argument of the dns<n> stanza in a MODIFY transaction, I'd be almost happy. Does anyone know of a registrar that lets you do this with a .uk domain or is my only hope getting my own tag [1] and having to shell out to join om nom nom Nominet myself?

[1] OK, strictly speaking, any old munchkin can get a tag without joining but I don't fancy paying 80-odd quid per domain.

Main BBC channels to be broadcast live via web

Chronos

Obvious.

This was where they've been heading for a long time. They have been trying to justify sticking the TV tax on computers since Tessa Jowell brought the issue up in parliament. El Reg even reported it to us, so why is anyone surprised?

http://www.theregister.co.uk/2005/03/03/pc_tax/

One step closer.

BT silences customers over Phorm

Chronos

Streisand effect.

Not attracting attention: You're doing it wrong.

McLaren teams up with chip firm for F1 hybrid tech

Chronos
Thumb Up

The ten teams

"what will make up the 2009 F1 grid"

Please tell me ElReg have NOT, to be fair, added Blunder to the list of wot are, for sure, hacks. ;o)

Priceless.

Firefox update fixes four critical flaws

Chronos

@Florence

Well said. Firefox 3's "AwesomeBar", well, isn't for a lot of people. I know it's easy to disable (OK, cripple by setting its results enumeration to 0) but it's much easier for me to simply stick with what works. Besides, on my chosen platform, the system-wide plugin location is set to a non-standard prefix and it takes much piddling about with symlinks to get them working properly. The first version of Fx3 also somehow broke /home over NFS, which made it completely unusable. Fx2, OTOH, performs perfectly on make install.

@James: Change for change's sake is not good. That's not to say if you like Fx3 and its new UI, you're somehow odd; if it works for you, fine, but don't force your tastes on the rest of us and ridicule us when we make an informed, reasoned and conscious choice. That's what religions do and I think we're all very aware of where that leads. The capitalists love that mindset, of course. Unthinkingly grabbing the latest of everything makes you an ideal consumer.

ISP boss pledges to undermine Great Aussie Firewall

Chronos

15 Years

Hang on, what month are we in? September 1993 - November 2008. Seems he's about right, give or take a month or two, for those now making the rules up. I wonder if Malone is a Monk?

The AOLers have taken over governance of the 'net (where net==www). It was inevitable.

Farmers demand 'special' climate deal for flatulent cattle

Chronos
Go

Forgot to mention

You greenies might like black tea or coffee, but I like mine white with proper, non-faddy whole milk. If I can get it before they pasteurise/homogenise/bake all the nice bits out to put in cream cartons and charge me for the privilege, so much better. And no, I cannot stand Coffee Mate [TM], probably from Nestle because most of their stuff tastes like synthetic crud.

You lot conveniently forgot about dairy produce when considering the amount of grass/water/CH4 per kilo of cowmeat, didn't you? Well, I won't say anything. Let's hope nobody else notices.

Oh, and there's a more important greenhouse gas than CO2 or methane. Care to take a guess at it's name? Its molecule is a strange shape, has the odd property of being less dense in its solid form, is better known in its liquid state as being essential to life and is roughly estimated to contribute to 60% of the atmosphere's greenhouse effect in its gaseous form. Ironically, the particulates we used to pump out contributed to this gas condensing and the resultant cover raised the planetary albedo, being the one factor thought to affect GMST more than any other.

http://www.espere.net/Unitedkingdom/water/uk_watervapour.html#x3

Save the planet, boy! Save! Save! (Yes, this is my mantra so nobody can say I am not taking this green bullsh^H^H^H^H^H^Hdriv^H^H^H^Hissue seriously.)

Chronos
Go

You're all missing the point!

Just think of the comedy value of seeing a herd of Fresians with filters/catalytic converters attached to their arses. We'll be the laughing stock of the world.

Hint for those who only think in terms of carbon because that's what people will not STFU about: Cows emit methane from their rear ends, predominantly, and they have been doing this for eons without the planet becoming FUBAR. Perhaps we should all stop breathing and farting. It'll be messy, but it's for a good cause isn't it?

Save the planet, boy! Save! Save!

Targeted attacks to add to ISP woes

Chronos
Unhappy

IPv6

"Looking ahead, the majority of respondents to the survey reckon that the long-awaited rollout of IPv6 will prove to be a security headache."

Yes indeed, since people have been conditioned to expect to be behind a NAT router and haven't a clue how to secure a publically routable direct connection, which is exactly what they'll get with IPv6 by design and you know what? It's your fault, ISPs. You took away the end-to-end nature of the 'net and now you'll be giving it grudgingly back to a clueless, unprepared and vulnerable public. Not only that, but you've procrastinated over the rollout for far too long, giving the consumer hardware manufacturers no incentive to research and develop for IPv6. It'll all happen at once with no margin for error now we have reached this stage in the 'net's development because you simply could not be bothered to invest the time and training to get your people ready for the inevitable. Well done.

If you want to know just what they'll face in two years time, because of zero preparation and a head-in-the-sand attitude, here's a nice little linky from ElReg that shows BT Wholesale's 21CN can't handle native IPv6 anyway: http://www.theregister.co.uk/2008/10/10/21cn_ipv6/

If any of you shower of cretins laughably called "Internet Service Providers" think to mitigate your inattention by using NATed IPv4 connections over RFC1918 space when the RIRs run out, you had better think again. Some mobile networks already do this, it breaks far too much to be called an Internet connection and customers are going to be "mighty unhappy," to use the American vernacular. Of course, the freetards will love it as they'll be able to pirate shit with impunity and there's no way you're going to be able to log every NATed packet with any accuracy. Guess who will then have the attentions of the various Asses of America and Por^H^Hhonographic Industry bodies turned upon them? You think you've got problems now? Wait until 2011 turns up.

Company That Can't Be Named slams critics

Chronos
Joke

I just hope...

...that the rest of the behavioral targeting mob is paying them well for being the whipping boy/guinea pig/worst of a number of poor choices whilst they get their shit together. One wonders why Mountain View has been so quiet, given that this stomps on their core business rather heavily. I would also like to take this opportunity to send my commiserations to those investors who have lost an imperial arseload [1] of cash and hope that someone, somewhere has given you and WKWAI enough to retire on, since you'll never work in a position requiring anything more complex or responsible than inserting a bolt into a Tonka toy with a fourteen page work instruction and three supervisors watching your every move ever again.

I must admit, it was a cleverly planned (except hosting initially on FarceHosts, a dead giveaway that this was not a serious company), well executed move by all concerned and the choice of a man with the most arrogant demeanour, evil background and awful accent as chief nasty was inspired. It's almost too convoluted for my own Machiavellian mind to follow, but talent recognises genius...

Joke alert. <SpookyReverb>Or is it?</SpookyReverb> ;o)

[1] Slightly larger than a metric fuckton. Sorry for deviating from ElReg standard units, but I'm old school where we learnt pounds, shillings, pence and HOW BLOODY MUCH?

One in ten DNS servers still vulnerable to poisoning

Chronos

Re: Short-sighted much?

DNSSEC isn't encryption, at least not in the same way as TLS/SSL. It does increase zone storage sizes and yes, on a busy server it will increase load due to the larger responses, but the mechanism is in the clear just as with normal DNS. What DNSSEC does is returns extra resource records such as RRSIG to clients requesting DNSSEC (dig flag +dnssec and you might want to add +multi to that to make it readable. You'll be wanting to query a DNSSEC aware resolver). Unless you're adding or removing RRs continuously, your extra workload as a sysadmin is restricted to effecting and keeping records of key rollovers. Changing the zone data between rollovers just requires re-signing the zone with the same keys and specifying the end date.

A zone is still static in whatever backend storage method you use and the data is still requested and transferred over port 53 in the clear, so the cost of crypto argument is moot. Bandwidth, however, will increase. This is unavoidable.

As for "it's working well enough," you know it isn't. There are umpteen different ways an attacker or a badly configured resolver can inject or introduce false information into a DNS transaction with no way, until DNSSEC came along, for the client to verify the authenticity of the information it receives as the DNS is insecure by design and is about ten years overdue for a good coat of looking at.

Example of a DNSSEC transaction:

; <<>> DiG 9.4.2-P1 <<>> nlnetlabs.nl +dnssec +multi

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49907

;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 3

[ The "ad" flag means DNSSEC has been requested and the response has been verified as trusted. Which it should be as nlnetlabs.nl is one of my trust-anchors. ]

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags: do; udp: 4096

[ Note the EDNS, or Extension Mechanisms for DNS, defined by RFC 2671. This allows a UDP reply to be longer than 500 bytes (in this case 4kB) and is essential for DNSSEC ]

;; QUESTION SECTION:

;nlnetlabs.nl. IN A

;; ANSWER SECTION:

nlnetlabs.nl. 3600 IN A 213.154.224.1

[ Standard A record you would expect in any DNS transaction for a simple forward lookup ]

nlnetlabs.nl. 3600 IN RRSIG A 5 2 10200 20081129015003 (

[ This is the new boy. RRSIG is the result of signing the A record with the ZSK, which in turn is signed with the KSK, the public key of which is known to either the parent zone, a DLV registry or added to a client as a trust anchor, which then allows the client to make a decision on whether it trusts the reply based on "trust anchors" containing SEPs (secure entry points: This is usually the public KSK of whatever zone you use as the trust anchor) of known good zones. None of this is done "on the fly." It's all static in the authoritative server's backend and can be safely cached for the length of the TTL. The only crypto involved is on the client side while verifying the RRSIGs. All of the necessary public keys are published in the zone itself. ]

20081101015003 18182 nlnetlabs.nl.

jxNZ6Z56Nr/jLBlSfz0zOIHSG///tojuS4E6yAPAe7aJ

5XHPdgP+qSnKSti7f1fENJcXX3u+bpbIFXee7GyM4bY4

Xu/xhO34kmabKp/lYJk6uLaptOs5JtyRO/pgnc11e9JM

XlvDLiInSDyi/M0I4RDDmXU/QMTAq0svBDwKmlQ= )

;; AUTHORITY SECTION:

nlnetlabs.nl. 7200 IN NS ns7.domain-registry.nl.

nlnetlabs.nl. 7200 IN NS open.nlnetlabs.nl.

nlnetlabs.nl. 7200 IN NS omval.tednet.nl.

nlnetlabs.nl. 10200 IN RRSIG NS 5 2 10200 20081129015003 (

20081101015003 18182 nlnetlabs.nl.

YrslcGdgl+YNmJ1/c0Fh7CwDdWF4zWNroZNIvLmqoAYy

14on8MIxP88dfdi1fmbEkXrSLMHCC70hpJ0S8HhHjNRP

KlH9OveoEt+pGaAu1zywGClJrafB4vr1CoSZ59MjMZy0

s5zTI2JN3+96PH/8EO3MLYPml7r5GVaCihjy3aA= )

;; ADDITIONAL SECTION:

open.nlnetlabs.nl. 7200 IN A 213.154.224.1

open.nlnetlabs.nl. 10200 IN RRSIG A 5 3 10200 20081129015004 (

20081101015004 18182 nlnetlabs.nl.

C44JcqFHGQkXG3nKJalZ6elmiHPTvTL83BNMqm04fasz

0UsBX7HNWNAKHfBQARQnUfmSdaCAH72JW+krVY1yNLCG

8p4NudwuSZ+adbG70sZBG5RbejiaBc+pEC0o9wnwHw+U

t943mD6j7a7V9MsgLykzi+Y+/7JL0TtCC5EGHSk= )

Chronos
Stop

DNSSEC

"I had hoped we would see a spike in the adoption of DNSSec, but we really didn't see much of anything," Liu told El Reg. "It says that awareness of DNSSec is not that high, and the people who do know about DNSSec are probably afraid of it."

DNSSEC is trivial in BIND 9 and we're afraid of sod-all about it. It's getting your secondary providers to support it that's difficult. Most secondary providers don't even recognise AAAA or SPF RRs, let alone RRSIGs. It's fine for those with a server in every CoLo, but for the rest of us mere mortals trying to keep our subnets separate and our secondaries globally dispersed it's hell.

Now, getting your parent zone signed, that's a whole different cooking utensil of piscene matter. I'm using lookaside (the ISC's DLV) at the moment. $DEITY alone knows when the fractious, argumentative lot in charge of the ccTLDs, gTLDs and roots will make their minds up. RIPE's DNS-WG can't even agree on the wording of their response to NTIA's proposal. I suppose semantics count for something but, guys, as polite as I can make it, THE DNS IS FALLING APART AND YOU'RE WORRIED ABOUT GRAMMAR? Get on with it, ferchrissakes!

Nice little link for anyone "afraid" of DNSSEC: http://www.nlnetlabs.nl/dnssec_howto/

Buffer overflow bug bites Linux wireless component

Chronos
Gates Horns

Re: This is why ...

And what, then, if your lappy only recognises the Broadcom card's DevID or, worse, the subvendor ID it shipped with and errors out on POST with anything else in its MiniPCI slot? Hack the BIOS? I hope you're good with checksums. What about the Atheros HAL? I know they've open sourced an older variant of it, but how do we know these binary blobs don't harbour off-by-one errors or unchecked buffer overflows and such? Ralink (2501 and 2600 MIMO. The original 2500 hardware didn't need it) firmware? Intel firmware? The list is endless. Like it or not, there's plenty of scope in the "open source" drivers for such errors to be creeping in and, let's not forget, the bit of NDISwrapper that has the bug IS open source.

Life ain't that simple. Idealism is a fine thing but it's hardly realistic when you have the FCC and other agencies making rules and breathing down vendors' necks and people who aren't technical enough to hack the BIOS on their Thinkpad using this stuff. NDISwrapper and ndisgen make this a lot easier for folks who haven't the time or inclination to lobby hardware manufacturers or get the FCC the back the hell off.

As an aside, I recall when this was called "Project Evil." We now know why.

Researchers find more flaws in wireless security

Chronos
Pirate

Re: What about filtering?

Have you any idea how easy it is in a half-decent OS to clone a MAC address? ifconfig ath0 link 00:0f:de:ad:be:ef will do just nicely and that MAC address can be picked up rather easily using any decent wireless surveying software. MAC filtering is useless against an attacker with even skiddie levels of clue.

The ideal at the moment, if you really must use wireless, is WPA2-EAP running IPSEC over the link once associated, with "required" in your SPD for all localnet hosts, wired or wireless. Much extra load on your network stack and software crypto (unless you're a lucky sod with either a hardware cryptodev or a Via C7), but it's about as secure as it gets for now; even if they burst your wireless femidom, they still have the IPSEC dutch cap to worry about.

Here's a radical idea: If it's that sensitive a network, don't connect an AP to it. If you think of it as leaving a stray cable, plugged into your core switch, lying on the car-park for any old munchkin to connect to his OLPC*, you'll not go far wrong.

* Do OLPCs have a wired port? I must confess I really don't know.

Chronos

TKIP?

Is there any reason at this point not to be using AES, given that most recent, and some not-so-recent chipsets and WAPs support it? Certainly most of the later (such as WRT54 et cetera) blue Linksys kit supports AES, despite it not being specifically listed as WPA2 in the setup (you simply select AES over TKIP. I guess this is because the WPA2 interoperability standard, 802.11i, wasn't finalised at this point). Ballache for lusers who don't understand the TLA soup, but those of us in charge of networks transporting anything more sensitive than Myspace Mary and her laptop on a Homehub have no excuse to be using TKIP any more. In fact, we really shouldn't be using pre-shared keys either, with or without AES.

Bottom line: As Dragos Ruiu points out, if TKIP is vulnerable, even in such a limited way as this 'sploit demonstrates, ditch it. AES, AKA Rijndael, is still unbroken, resistant to cypher text analysis and more robust than TKIP/MIC. XP (both Home and Pro), Vasti, Linux, BSD (using wpa_supplicant) and MacOS support 802.11i encryption.

Besides, WPA/TKIP was a stopgap from the start, a snapshot of 802.11i while the WiFi Alliance got their arses into gear.

Wi-Fi phobes hijack disability legislation

Chronos
Flame

Halfwits

I wonder how many of these morons have microwave ovens? I also wonder if they realise the leakage from said machine, from which issues hot, sad bastard meals for one, the watching of which going around on the turntable is most likely the highlight of their day, probably exceeds the level of holding onto the aerial of your average, pitifully low powered (20dBm, or 100mW ERP over here in Rightpondia. I believe the Merkins may use a little more, perhaps 23dBm or 200mW ERP or so) 802.11b/g/n access point? It's the same portion of spectrum.

Perhaps I shouldn't have mentioned that...

"They're COOKING us!!!eleventyone!11"

If only. :o)

Preventive policing? Don't even think about it

Chronos
Thumb Down

@A J Styles

From http://www.direct.gov.uk/en/Governmentcitizensandrights/Yourrightsandresponsibilities/DG_4002951

"The rights are not absolute – governments have the power to limit or control them in times of severe need or emergency."

In other words, you have no rights. Something that may be taken away is called a privilege. Sorry to sound so melodramatic, but it's something that people don't seem to be able to grasp. A right is something innate, something that you have and cannot be taken away unless you voluntarily relinquish it. Anything that may be revoked without any action on your part is NOT a sodding right.

BBC has newsgasm over Obama's dog

Chronos
Coat

Poodle crosses

Yes, I've seen them. My wife was once at a market when a woman, replete with false fur and nose in the air, passed with some strange mutt on a lead. What is this strange dog, my better half inquired, us being doggy people and all.

"It's a Yoodle, dear, a pedigree Yoodle." the old dame replied, nose still sniffing the Stanlow fumes, whereupon a Scouse stallholder chipped in with the best pull-down I've ever heard:

"It's a bloody Heinz 57. No, bugger that, it's a Pot Noodle. Now sod off before I boil a kettle."

The mutt, apparently, was a Yorkshire Terrier - Poodle cross and its owner was well known by the stallholders for affecting airs that didn't match her background. Now, a peanut for anyone who can formulate a "Google."

NHS needs to catch up on technology

Chronos
Flame

Better leadership?

Unless "better leadership" means getting rid of some of the useless pen-pushers, those suits you find wandering around your local NHS trust with empty foolscap files trying to look important to justify their existence, and redirecting the funding to more worthy causes such as actually healing people, regardless of whether they're over 65 or not, I find it hard to agree with that conclusion.

You can tell when one of these suits walks past. Without fail, every single doctor, nurse and consultant watches it walk past and shakes their collective heads wishing they had the eight hour day and pay scale of the useless moron that just passed through their domain.

Speed cams ditched in Wiltshire

Chronos

Re: Whatever next? Stop arresting criminals?

The M6 accident was caused by a Portuguese LGV. Left hand drive (blind spot conveniently on the right), driver not used to British law, overworked and had probably been driving for way more hours than are permitted in this country. Even then I'm guessing that the driver isn't just a convenient hook upon which to hang the outrage.

Nothing at all to do with excessive speed, despite the fact the the idiocracy seem to think speed is the root of all driving evils. If I wanted to read non sequiturs all day I'd read the Mail or Hansard for my daily quota of irrelevant justifications for stupid laws and ideas from people unable to connect cause and effect.

Eee PC series to get Windows 7 but not Vista, says CEO

Chronos
Go

Mass facepalm hits Asus

"Shen said the Eee line will gain Windows 7 "in the second half of next year""

If:

1) Microsoft's roadmap is accurate, which I very much doubt given past performances;

2) It's up to the job. Stating you'll change the BoM without testing with whatever you're changing to and before it's even released is rather stupid; stating you'll change the BoM from something proven and stable to a dot zero release is sodding madness;

3) They don't rip enough planned "enhancements" out of 7 to make it another damp squib;

4) Customers are willing to pay the MS tax on SCCs;

5) Customers actually WANT Windows 7.

Most amusing. Now the CEO's smunderlings are going to have to make his prophecy come true. Poor bastards, I almost feel sorry for them. Almost, were it not such good comedy ;o)

"Oh Christ on a bike! He's off again, making more impossible work for us. Someone shut him up, please? Anyone?"

Proceed, because I really do love a good laugh on a Wednesday morning...

'U-turn' West: MI5 watching 'great' terror plot right now

Chronos

@N1AK

That smiley face was the one he was trying to save... :)

73 de Chronos (not played radio for soddin' ages due to the idiocracy, assuming that is a callsign)

Chronos

Re: Jihadi terrorists

>> Are these Eurasian or Eastasian?

> What does their race matter?

That was Ash's whole point: It doesn't, providing we're perpetually at war with someone. As long as they have some entity to threaten "us" with to allow them to grab other powers, they're quite happy. Just because you can think your way past the bullshit, doesn't mean the lowest common denominator (such as Daily Mail or Sun readers who would have to climb a step-ladder to raise their collective IQ) can.

Mob rule. That's all democracy really is and, if you can persuade enough thickies (since they're more abundant) that there's a threat, you have an instant mandate to take whatever liberties with private people's lives you find necessary. If you then make laws that nobody can help but break (link to uber-database here), double-plus good. That way, those who disagree are too cowed to complain, leaving you or your successors effectively in control in perpetuity.

I'm tempted to say this is the reasoning behind warning labels on everything, Health and Safety law, signs, guards and other such tripe: They're preventing Darwinism from working properly and removing these easily led liabilities from the gene-pool.

You really need to brush up on your 1984, too, otherwise you're going to be hearing those "WHOOSH" sounds a whole lot more in the current climate.

But we're at war with the... oh, crap, who is it this week, Ash? Eastasians? Looks like a trip to room 101 for me. Arachnids again, no doubt...

Android comes with a kill-switch

Chronos
Joke

I said it would be a joke...

Hate to say I told you so ;)

T-Mobile Googlephone to hit UK in two weeks

Chronos
Joke

Oh hooray!

That was with heavy sarcasm. Don't blame me if they launch the GeekRoomView extension to Google Maps after three months of your almost useless T-sodding-Mobile chained handset sitting in its dock with its aGPS and camera activated. Oh, and send that "text message" to the bird in accounts and both of you start getting ads for teledildonics. This is Google, after all.

Joke: Because these things invariably turn out to be.

BOFH: The Mandelboat virus

Chronos

@Michael

Of course. We would never alter the Squid box to 307 his top five sites to some rather nasty dwarf on contortionist pr0n then "accidentally" find his browser cache and get him the "cardboard box and security escort" treatment, would we? It's just not in our nature to take an active role in disillusioning them of the notion that we're there to serve them by fixing their home computer (which is infested beyond all redemption due to little Jimmy, the CFO's son, being addicted to Limewire and the CFO himself having the clue-level of a cane toad that has just met the Australian national cricket team at a new bat testing session) on our lunch break while they fuck off to the pub with the other bean-counters, is it?

Rule #1: Never tell the lusers it's not real.

Rule #2: Never tell the lusers it's not real. I know that's technically rule 1 again, but it seemed so important that I felt mentioning it twice was warranted.

BT's third Phorm trial starts tomorrow

Chronos

Re: SSL Red Herring?

It would take quite a bit. First they'd have to find a way to pretend to be the host in a way that they can hand off seamlessly to the real host for their spyware system to work transparently the way it does with insecure HTTP. Then they need to find a way to serve the correct key to the correct request, something I don't even want to think about right now as it is hellishly complex. Apache itself can only associate one keypair to an IP. Vhosts need their own IP if they're going to be using SSL. A MITM attack on a single domain is trivial by comparison, even though it needs a trusted (by the browser) CA to be convinced you control the domain to work without throwing up warnings. Ultimately, this means that without the private key they're buggered and they'd be spotted immediately.

Naturally, forget the above if you're one of these users that clicks "continue" and "forever" on any SSL warning; you're ripe for harvesting.

Oh, and FORMER spyware company? They're still at it, AFAICT.

Chronos

Phishing

Ah, the old redirect to a fake domain trick. Isn't this what phishers attempt to do? And this is legal? Looks like you'll see this in courts soon:

"But BT and Phorm do exactly the same thing, so it must be legal!"

Before anyone starts with the "consent" rejoinder, the invitation page is clearly making the most noise about the anti-phishing "feature." To my mind, that is NOT informed consent. Anything short of "We will be logging and recording the contents of every HTTP URL you visit through this ISP and, even if you opt-out, your packets will still pass through the system to be examined for the opt-out cookie. If you block the Webwise IP, you'll get bugger all service to anyone else's port 80 because we redirect everything destined to anyone's port 80 through Phorm's system and, until we detect the opt-out cookie, we remain hopeful that we can make money out of you." is less than honest.

Perhaps we should all just replace our index.* pages with "Protesting BT and Phorm's destruction of Internet privacy on Tuesday 30th September - complain to them, not me" and stay off the Internet tomorrow as a protest?

As an aside, isn't it funny that most of the things that fuck the Internet up for the sane happen in September?

'Malware-friendly' Intercage back among the living

Chronos
Flame

Yet again, kangaroo court scenes dreamt up by the media

"Given the frequent inability of today's law enforcement in overcoming a rat's nest of extra-territorial and technical issues, this form of frontier justice is probably unavoidable."

For the last time, this is NOT mob rule, kangaroo courts or "frontier justice." Spamhaus forces nobody to use their DROP list, SBL, XBL, PBL or Zen. They're resources that allow network operators to exercise their RIGHT (it's still a right, right?) to drop traffic they do no want on their PRIVATE networks. Nothing more, nothing less. That it is seen as intimidating to network operators just goes to show just how trusted within security circles it has become.

We don't want regulators pissing about with the 'net. You've seen the mess they make of anything IT related that they have touched, ever. Do you really want that for the public 'net?

The rule is simple: Make a complete arse of your network and spew shit into other people's private resources, get blocked. That many of us use Spamhaus to do it is irrelevant. They are NOT, repeat NOT doing the blocking. We are, effectively saying we trust Spamhaus and old faithful Zen more than the likes of Intercage/Atrivo.

In short, get a sodding clue and stop demonising well-run resources for security professionals with this kind of irresponsible bullshit.

Electric Mini spied in Munich

Chronos

Re: No exhaust?

That looks more like the nearside suspension swing-arm that hasn't had time to go rusty or get covered in road crap. It's the perspective that is confusing. If you look to the right, you'll just make out the end of the corresponding offside joint.