* Posts by Jeff

34 publicly visible posts • joined 31 Oct 2007

Boeing to build prototype pulsed-microwave robomissile

Thumb Up

And thus the 'electronics-based weaponry' industry

dissolves back into the mists of fantasy from whence it came.

Who's going to buy a gun that US.Gov can disable pretty-much at will?

ContactPoint goes live despite security fears

Thumb Down

This wouldn't have helped in 2000 anyway..

in the case that supposedly sparked this system's creation.. the problem wasn't that the agencies didn't know where the child lived.. but that they didn't share their case notes. Which ContactPoint won't do either..

Hooray for government project scope creep... It's probably secure! and it's probably completely useless!

Plod called in on MPs' expenses leak

Thumb Up

Great Analogy!

Whack-a-Mole is the perfect analogy for UK.Gov's data leak protection procedures... I'll be using that!

Tory terror police were 'fishing' for Liberty



if this was a search of e.g. his house of commons email, then I'd imagine it to be a high security system with auditing and logging at all levels.

Either that or b. someone was present whilst they searched or c. this information was divulged by the police to the MP in question after legal pressure.

Lotus offers to end e-car silent running

Thumb Up

I want a podracer!


*jumps up and down shaking trident at lotus driver*

Next-gen SQL injection opens server door


Not just 'search boxes and fields'

Don't forget other ways of using GET and POST requests to a server (e.g. manually); lots of people think that if they protect the 'forms' on their website, they're invulnerable.

There are also cookies, which if used without care can be a nice vector for attack.. and even persistent data, if you're reading from a database that's written to by other, untrusted (or just badly written, including your own!) applications, that can be used to inject too.

Leaving PCs on costing UK business millions


£300m across every UK business?

£17 per computer per year.. so.. if you have 10,000 computers (a lot) that's £170,000 a year..

I'd hazard a guess that for a company with tens of thousands of PCs, that would be a drop in the ocean of their annual turnover. Scaling it down to your average mid-size with 1000 PCs (to be generous) you're talking about £17,000 a year.. most places spend more than that on sandwiches for the board.

In summary.. who cares?

BBC zombie caper slammed by security pros


I hope this is tested in court.

and I hope the Beeb win.

If they do, this will be a massive win for security researchers and curious people on the internet to play around with 'hacking' tools for 'research purposes' on other people's computers and get away with it.

What needs to be done to get the Met' to investigate this?

Swedish police claim massive anti-piracy bust


Based on their obvious lack of understanding of how bittorrent works

are we really to believe this is actually copyrightable material, and not just .torrent indexes?

(probably, as it's a topsite, but still?)

Also there's no reference to any persons being arrested; so are we to assume no-one has been?

PS. There's no copyrightable material 'on' The Pirate Bay (except for that which is (C) thepiratebay) it might be found VIA the pirate bay.. but that's a totally different thing.

Google Earth faces terrorist target airbrush bill


The worst terrorist hit ever (?) was the world trade centre.

a privately owned building, in one of the most densely populated areas of the world. based on prior experience, that's the sort of thing that terrorists have targeted and will target.. not 'hard' targets like official institutions or military bases.

BT reprograms biz customers as hotspots

Thumb Up

I wonder if they can tell where the traffic comes from..

because if not.. this might be the end of BT ever ending someone's contract because they've breached the 'fair use' terms...

What did you do on Emergency Services day?

Thumb Up

Just like 01189998819991197253!

So.. no-one knows about 112, and no-one knew about 112 day... bloody marketing coup there...

Iranian rocket puts satellite into orbit


Wrong, what about Prospero X-3?

As per the title, we did it 5th... It wasn't launched from the UK, but the article says we've never built a rocket capable of putting objects in orbit. Clearly we have, and a long time before most other people.

Windows Vista stuck on single digit enterprise adoption

Thumb Up

We're waiting for 7

Put simply, why wouldn't we wait? There's no big move away from XP compatibility with software vendors yet (as there was with eg 3.1 to 95, or 95 to 2000/XP.)

For a business, the operating system is there to run the applications that the business needs, and as less than 10% of businesses use Vista, we know that XP will be supported for quite some time yet. Until there's a real benefit in either cheaper/easier support, or significantly advanced features (or exclusive applications) an OS upgrade is all pain, no gain!

And of course, we still have PCs around the place running windows 2000, with no problems whatsoever.. so even windows 7 can wait for a bit!

UK to rely on mobile operators for universal broadband

Thumb Up

Broadband for everyone!

except those people in hard to reach areas... i.e. those who don't already have it.

We expect a level of nonsense from the government, and UK.gov fails to disappoint yet again!

'Miracle' plane crash was no miracle


@alexander 'Just glue a net to the front, problem solved'

I must point out the slightly obvious: any net that can stop at least one 5Kg lump of meat travelling at a relative velocity of up to 500 mph will have to be very, very sturdy, to such an extent that it will need to be very heavy, and will certainly restrict the airflow into the engine.

Moreover.. once the bird gets splashed across this net/mesh/grill, the airflow may well be cut off so much that the engine flames out anyway...

Microsoft preps IE 8 for the web-challenged

Thumb Up

Hang on a minute..

What's that, failing to comply with web standards is causing a headache for the Internet Explorer team at Microsoft?

'what goes around comes around' springs to mind! Finally they get a taste of what the thousands of web developers having to implement non-compliant tricks to subvert the shoddy old versions of internet explorer had to go through.

Google Analytics — Yes, it is a security risk


Least likely attack vector.

Is this website hosted in a data-centre in Obama's basement, patrolled at night by only his most trusted henchmen; is the content management system written by eunuchs who will only be released from their cages in 2015; is everyone with administrative rights vetted for their knowledge and application of network security?

One rogue employee at wherever it's hosted, or on the web app development team, or one slip-up on the security of the campaign team's personal PC security (or using a cyber-café PC with a keylogger on it, f'rexample) could do just as much damage as a rogue urchin file... yes it's a bad idea.. but it's unrealistic to call it a likely threat.

Porn breath tests for PCs heralds 'stop and scan'


One Word


'Idiot' pulls cables, downs ISPs at Telecity


TelevirginNTLwest Media had several major outages this week

maybe this was the cause of one of them?

Burned by Chrome - Fire put out

Black Helicopters

How do they get access to all the stuff I'm posting?

-Incognito mode does not protect against google's continuous drive to destroy your privacy.

Black Hat organizers punt totally hackable RFID badges



One interesting security angle to this is that if the cards can be changed maliciously, then any data gathered from a card reader must be considered potentially malicious, and sanitized before use.

I'd bet that there are quite a few apps out there which make the assumption that the data on a card will be in perfect condition, and certainly not actively trying to break something.

*changes name to jeff' or 1==1; -- a la XKCD :)
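
As an added example (not part of the original comments, and not code from any system they mention): this post and the earlier SQL-injection post both make the point that cookies, stored rows and card-reader data are untrusted input just as form fields are. The sketch below shows that with Python's `sqlite3`; the table, function names and sample values are constructed for illustration.

```python
import sqlite3
from urllib.parse import unquote

# Constructed sample value: the badge-name joke from the comment above.
HOSTILE_NAME = "jeff' or 1==1; --"

def make_db():
    """In-memory attendee table (hypothetical schema); inserts are parameterized."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE attendees (name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO attendees VALUES (?, ?)",
        [("alice", "speaker"), ("bob", "staff"), (HOSTILE_NAME, "attendee")],
    )
    return db

def roles_unsafe(db, name):
    # Weak pattern: the value becomes part of the SQL text itself.
    sql = "SELECT role FROM attendees WHERE name = '" + name + "'"
    return sorted(row[0] for row in db.execute(sql))

def roles_safe(db, name):
    # Hardened pattern: the value is bound as data and never parsed as SQL.
    sql = "SELECT role FROM attendees WHERE name = ?"
    return sorted(row[0] for row in db.execute(sql, (name,)))

def values_by_source(db):
    """The same value arriving by three routes that are not web forms."""
    stored = db.execute(
        "SELECT name FROM attendees WHERE role = 'attendee'"
    ).fetchone()[0]
    return {
        "cookie": unquote("jeff%27%20or%201%3D%3D1%3B%20--"),
        "badge reader": HOSTILE_NAME,
        "stored row": stored,  # written safely, still hostile when reused
    }

def compare(db):
    """Map each source to (rows from unsafe lookup, rows from safe lookup)."""
    return {
        src: (roles_unsafe(db, value), roles_safe(db, value))
        for src, value in values_by_source(db).items()
    }

if __name__ == "__main__":
    for src, (unsafe, safe) in compare(make_db()).items():
        print(f"{src:12} unsafe={unsafe} safe={safe}")
```

The stored-row case is the one that is easy to miss: the value was inserted with a bound parameter, yet it is still hostile when a later query concatenates it.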

Oz censor, gamers fall out over Fallout 3 ban


The game is teaching our ..18+ year olds...

that if they're ever in a post-apocalyptic nuclear wasteground, fighting for their life against zombie-mutants and mad-max types... taking a pain-killer will help them ignore pain.

I say the developers should be hanged for such immorality.

Hackers mug gamers in Playstation Store


RE: You'd not change the pwd surely?

G E. I don't know how this system works, but one possible exploit is in the 'change/ forgot my password' functionality; changing the password to one you know is almost always a lot easier than finding the existing one.

If the hack centred around resetting passwords, then anyone whose password is unchanged is safe (from this particular attack).

Next time you go to the loo, bring your locked laptop with you


I think software devs could learn something from web security then..

the only way to resolve this is for software to stop storing keys in memory; but it will need some sort of session identifier in order to maintain security etc.

Interesting times!

Bag tax recycled into eco-PR slush

Paris Hilton

looking at the HMRC out-turn estimates...

it's interesting that with all these 'green' transport taxes... the estimated expenditure on transport and on the environment are falling (as a % of total outturn) every year for the next 5 years.

And the expenditure on local government and filling up the NHS black hole is going up every year...

Not even Paris would believe these takes have anything to do with the environment

Village shaken by GPS-driven tank invasion


This year's British WSB should be fun!

Let's just hope they don't use the same GPS on cruise missiles in the gulf...

Otherwise the Hellmans factory might be in a bit of bother.

Man uses mobe as modem, rings up £27k phone bill


Never use a phone as a modem?

That's not what Vodafone Mobile Connect, the Voda branded software that lets me... USE MY PHONE AS A MODEM... says.

Left hand, meet right hand.

Brit workers: The Xmas skive starts today


Working in a retail-related industry

We're on call 24/7, all parts of the business are producing at something like 400% and after christmas it doesn't slow down for a good week or two...

I have GOT to get into the finance sector :D

Ministry of Defence leaks counter terrorism traffic


The most dangerous thing

is when webalizer is left on the default setup and shows secure and 'hidden' login portals etc. for admins and content editors.

Although obscurity never = security, it certainly increases the workload of a potential hacker, and immediately turns off any opportunists looking for an easy site to break.

Sun: MoD has Bond/Potter/Klingon cloaking device


I guess this was on the same patent application

as the Currant's invisible journalistic integrity...