* Posts by And Clover

14 publicly visible posts • joined 19 Dec 2007

Ten... sub-£50 budget MP3 players

And Clover

Another +1 for the Clip

I can also back up the Sansa recommendation. Good features; good format support; reasonably robust; proper mechanical buttons instead of touch-sensitive pads/screens (I've always found these unreliable on budget MP3 players). No problems with the batteries for me yet.

Ten... bedside iPod docks

And Clover
Jobs Horns

For non-iPod users

How about some alternatives for those of us who prefer not to buy in to Apple's closed and expensive MP3 player ecosystem?

For example, can the Sony device play audio from SD/MS as well as video, and can it do it on a wake-up timer?

This device works well as an MP3-playing alarm clock for me (from USB memory stick): http://www.amazon.co.uk/Naf-Clock-MP3-Stereo-Radio/dp/B0028YGY1K

Sony's Windows 7 virtualization switch-off (partly) reversed

And Clover

App compatibility

> Can anyone tell me which applications: can run on Windows XP; cannot run on Windows 7

Apart from all the old, dodgy and bespoke apps that don't get on with 7 (or which mess up with UAC in general), there's one big one for enterprises: the dreaded IE6.

Many poorly-coded intranet apps *still* don't work on any other browser, and because IE is welded into the OS, you can't (in an easy/supportable-for-IT way) run IE6 on Win7 or Vista. This lamentable technical decision, originally made to ensure MS's dominant position in the browser market, is now costing them sales. Whoops.

XP Mode would be the fix for this, except for the issues with Intel turning off VT on lower-end chips as an artificial product line differentiator, and rubbish OEMs like Sony turning it off because they're miserable idiots. Hopefully this will now stop.

[It remains unclear why the new version of VirtualPC, on which XP Mode is built, requires hardware virtualisation; the old versions didn't. VirtualBox's hardware virtualisation support is better now, and needed for running 64-bit guests, but for normal 32-bit XP there's no need for it.]

Net provider accused of coddling crooks yanked offline

And Clover

Good riddance

McColo have been housing the blackest of blackhats from the Russian-language AWM/malware scene for years. Really, really nasty stuff, the spam isn't the half of it.

I'm not sure what's happened to wake the upstreams up after years of ignoring security researchers' findings on companies like Atrivo and McColo, but it's very welcome.

Yes, of course the abuse will move to other providers in other countries, but the increased expense of moving hosting around and being kept out of US datacentres should hopefully cut down the plague of low-end affiliate players - the kind of guys we'd call script kiddies except that they do $millions of damage.

'Malware-friendly' Intercage gets PIE in the face

And Clover
Thumb Up

Way beyond spam

The net-abuse routing out of Atrivo was not just spam (both mail and web form spam), it was all sorts of malware, exploits, illegal porn, botnets and banking fraud.

This is not a free speech issue - this is simple crime.

Atrivo are not themselves the black-hats; the blame lies with a few of their resellers - primarily Esthost - which take up a majority of their netspace. I'm sure Atrivo will be back, but hopefully they will get the message that continuing to stick up for the criminals at Esthost is no longer acceptable.

Meanwhile Esthost are already moving resources to other netblocks they have which are routed by other shady upstreams. So on the one hand it's good to finally have something done about the biggest source of malware on the web after years of abuse, but on the other those of us blackholing them on a local level will probably get some new IP ranges to block...

I don't always agree with the aggressiveness of spamhaus's decisions, but in the grand scheme of things they have done a lot of good.

OMFG, what have you done?

And Clover
Thumb Up

Good - apart from the obvious

In general an improvement. Masthead is prettier, the top/side/bottom areas work well, and the movement of the ad scripts to near the end of the page improve render speed.

Of course, fixed-width is unmitigated suck. But you're going to fix that, right? Yeah?

Ten of the Best... iPod rivals

And Clover


Which of these support the USB Mass Storage Device standard (and so can have music added and removed using the normal file manager of any OS)?

Having to use cruddy software like iTunes or the above-mentioned (and indeed just awful) SonicStage is an absolute deal-breaker for me. I can't understand why any manufacturer would make a device without USB-MSD, it's not exactly a difficult feature.

Mystery web attack hijacks your clipboard

And Clover

whois information is false

combatwombat: it's no use looking at any of the whois information in these cases. The addresses given are invariably either:

a. completely made up

b. just copied from some other entity's address

c. mailboxes/forwarding companies

The people behind these fake anti-virus apps are Russian hackers coming from the AWM scene (and others in the Russian satellites). The registrar Estdomains (aka Esthost, Inhoster, UkrTelegroup, Cernel, Rove Digital and a multitude of other aliases) are themselves blackhats, directly in on the porn->exploit/fake-codec->trojan/fake-AV-install game. So they're not too fussy about correct whois details.

You could complain to ICANN and get the domain revoked in, what, six months. But these guys constantly change their names and register hundreds of new domains, so it's kind of pointless.

And Clover

Flashblock it

Flash is full of obnoxious features ripe for abuse by malvertisements. If it's not the clipboard access, or cookies you can't block with the normal browser controls, it's the mundane irritation of pop-ups, surprise LOUD auto-playing sound and CPU-killing animations.

The Firefox Flashblock extension - or some similar means of disabling such plug-ins by default in other browsers - is the only sensible response.

JavaScript standards wrangle swings Microsoft's way

And Clover
Gates Halo

MS is not always wrong

Sometimes even those dreaded evil corporations are right! Many of the ES4 and JS2 criticisms are very much valid; sure there's politics, but the argument is also technical.

Personally I don't really want to see more and more complexity added to JavaScript at a language level, it is troublesome enough as it is. The E4X extensions in Mozilla are already a syntax and security disaster that would have been better off in a library file. No further "cool" stuff like that please.

Intel touts user-defined app cache Vista speed boost tech

And Clover

Waste of time

Agree with the above comments, this is a pointless bodge - and an incredibly ugly-skinned one, judging by that screenshot.

ReadyBoost hasn't increased speeds much, and no-one wants the extra management overhead of having to assign applications to a separate drive manually. If I wanted to do that I'd just copy the program files over myself.

Flash-cached HDs are more of the same. These features are an exercise in overcomplication, from engineers who have nothing better to do with their time and desperately need to give their product 'features' even if they're of questionable usefulness.

In the long run, the entire system disc of a typical PC is going to be an SSD anyway.

Arctic ice refuses to melt as ordered

And Clover
IT Angle

Bored of this

What is this constant drip-drip-drip of one-sided denialist insinuation from 'Steven Goddard' doing on The Reg?

The climate change flame war is all very entertaining and that, but where's the tech angle?

RealPlayer users warned over unpatched vuln

And Clover

Even Alternatives still problematic

Whilst Real Alternative and QT Lite are massively preferable to RealPlayer/QuickTime, they still contain the same security holes as the originals. Which have demonstated their authors' security uselessness again and again.

Best to install the Alternatives with the 'browser plug-in' option turned off so that these vulnerabilities are not exposed to every web site you visit. Or even better, if you don't need DirectShow Real/QT support, don't install them at all and let VLC handle it.

(This does mean that embedded media players won't work, obviously. The inconvenience of this can, however, be reduced using the Firefox Download Embedded Plugin, which lets you grab media from embedded players easily, so you can then play using a proper, non-postage-stamp-sized media player of your choice.)

Dutch regulator slaps spyware purveyors with €1m fine

And Clover


Will Blake> Just for accuracy this is actually "iframedollars"

Presumably that's what they're trying to refer to. (I can find no record of 'infradollars' ever having existed.)

However, although CWS.IframeDollars were a big DR installer (they were affiliate 1030), the exploit group associated most strongly with DollarRevenue was CWS.VladZone. They went as far as hosting their worse installs at VladZone servers under the DR name.

Alan Donaly> I don't recall meeting this one

You would have met the things it then went on to install. Whilst DR did have their own spyware, their primary tactic was installing other people's for cash.

> On the other hand trojans you never really get rid of you have to reinstall.

And DR have bundled exactly those kinds of trojans (rootkits etc.).

In any case, unless you're a security expert (and sometimes even then) you're not going to be able to detect the stealthier malware, so you must assume the machine is still compromised and re-install.