* Posts by fronty

37 publicly visible posts • joined 29 Jan 2008

UK flights disrupted by 'technical issue' with air traffic computer system


It's DNS

It's probably a DNS issue, it's always DNS.

RIP Kevin Mitnick: Former most-wanted hacker dies at 59


I was lucky enough to attend a conference a few years ago where he was the keynote speaker - was a really interesting talk and he gave out his lockpick business cards, which I've still got somewhere. Cancer's a b!tch. :-(

Perl.com theft blamed on social engineering attack: Registrar 'convinced' to alter DNS records by miscreants


How is stuff like this still happening, it's 2021 for God's sake.

Linux 5.10 to make Year 2038 problem the Year 2486 problem


The rate we're screwing up the planet, I think we'll have bigger fish to fry by then.

Nvidia to acquire Arm for $40bn, promises to keep its licensing business alive


A shame

I think it's a shame that it's fallen into US hands, it's only a matter of time before they shut down the UK operation and ship the whole lot off to the US somewhere.

Like someone else said, hopefully the nerds will leave and start up something new.

Fitness freaks flummoxed as massive global Garmin outage leaves them high and dry for hours


Still down!

Still borked!

Twitter hackers busted 2FA to access accounts and then reset user passwords



Something dodgy going on here if 2FA was compromised.

Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code


Wow a 17 year old UXB!

I'm amazed it's taken so long to find this, I thought this is the sort of thing fuzzing was supposed to discover?

Great article here including a demonstration of this vuln, this is bad, very bad!


Keep it Together, Microsoft: New mode for vid-chat app Teams reminds everyone why Zoom rules the roost


Nah, fuck'dat!

In case you need more proof the world's gone mad: Behold, Apple's $699 Mac Pro wheels


Some idiot with too much money will buy them!

'Windows Vista' spotted doing a whoopsie over EE's signage


Don't shoot me!

I actually quite liked Vista.

I'm still not that Gary, says US email mixup bloke who hasn't even seen Dartford Crossing


Me too

Happens to me too, I get all the statements for some Birmingham residents' Virgin Broadband account. We don't have Virgin where we live. I did use their online chat facility to talk to someone to try and get my email address removed but it didn't work. I even reset the password and logged into his account, unfortunately there was no cancel option! :-(

Begone, Demon Internet: Vodafone to shutter old-school pioneer ISP


Ah memories...

I started as a point in FidoNet then signed up for the tenner a month deal with Demon. I was fronty.demon.co.uk and I had a mate who was freshair.demon.co.uk, we both used to run Slackware and I remember telnet'ing into his box and shutting it down whilst he was using it (I knew his root password) hoho simple things, simple pleasures.

I had a dump of the demon.co.uk DNS domain at one point, managed to do a zone transfer from one of their DNS servers and used to use it for performance testing with dnsperf. Made interesting reading in a nerdy kind of way.

I remember going to the Which computer show at the NEC and people were showing off this thing called the world-wide web with NCSA Mosaic! Wow it blew me away.... you could have pictures? Wow!

Eventually I installed Windows 3.1 with trumpet winsock and Netscape. For porn I used to trawl the newsgroups and use FreeAgent to join the binary posts together and decode the images, so much easier than trying to mime/uudecode the posts my hand! lol Oh the joy of waiting minutes just to download some grot at 2400 baud. Then the joy experienced from upgrading to 14.4K, then 28.8K and finally 56K - what a delight, I still have those modem noises ringing around in my head.

Ah they were the days... :-)

In the two years since Dyn went dark, what have we learned? Not much, it appears


Re: Workstation, Server, and Router Options

They already are, Firefox has added it's own resolver so they can support DoH (DNS over HTTPS), Chrome also has it's own resolver (albeit it uses the DNS servers set by the O/S) apparently with support for DoH (but not enabled yet) - it's only a matter of time before they enable it and start sending all queries to

DoH is an absolute minefield, because now the browsers are controlling where your DNS traffic goes. Firefox has decided to use Cloudflare by default, you can change it but then you'll have to start managing browser configs. This is the thin end of a very fat wedge, imagine if every application decided to send DNS queries to it's own "preferred" DNS service? How do you manage all this? And DoH queries can be embedded "inside" normal HTML, so how do you block it?

Law firm seeking leak victims to launch £500m suit at British Airways


Throw the book at them I say... but can you please wait until I've flown back home tonight as my return flight from Edinburgh is on BA. Thanks. ;-)

VMware 'pressured' hotel to shut down tech event close to VMworld, IGEL sues resort giant


"Hopefully next year conference organisers can find different venues in another city where they will be welcomed rather than persecuted."

... or shot.

Google cloud VMs given same IP addresses ... and down they went


Huh? The article said duplicate IP address, why do you think they meant duplicate MAC address?

Facebook supremo Mark Zuckerberg has flunky tell UK MPs: Nope, he's sending someone else


They flew business class, the article states that. Quite why they couldn't fly economy I don't know why. It's our money they're spunking up the wall. :-(

Remember those holy tech wars we used to have? Heh, good times


Just can't be arsed anymore

I belong to that great generation of 80's home computer nerds, there are thousands of us working in IT today and we are now middle aged, many of us have mortgages, wives, kids... basically I think we have all moved on and really just don't care anymore, there's more important things to worry about. I still see people get riled up about Windows vs Mac etc., but now I just walk away, I have better things to spend my energy on.

I just can't be arsed any more.

Amazon S3-izure cause: Half the web vanished because an AWS bod fat-fingered a command


rm -rf /

BlackBerry pie sliced up: Nuke-plant OS, BBM chat app, etc sale mulled


Such a shame

This is such a shame, I love my 9900 and it's physical keyboard, it does everything I need faultlessly with zero hassle. I would happily stick with Blackberry but at this rate they are going disappear and I'll end up having to use some 'orrible touch screen thing.

Has Europe finally passed Peak Disk?


Maybe SSDs are having an impact too?

More laptops/ultrabooks are shipping with SSDs now too, maybe we are seeing the beginning of the end of the traditional mechanical drive?

BIGGEST DDoS in history FAILS to slash interweb arteries


I wrote about this on El Reg over 4 years ago!



Re: I'm sure we'll see more of this

It's got nothing to do with zone transfers, disabling zone transfers doesn't affect the ability of someone to query a DNS server and spoof the source IP address.


I'm sure we'll see more of this

I run DNS training courses and have been warning about this type of attack for years, I am surprised it has taken so long for a big attack such as this to come to the fore, unfortunately due to all the publicity, I can't help thinking we will see many of these types of attacks from now on, DNSSEC makes it so much easier to achieve due to the quantity of data now present in signed zones, example here...



Calleva Networks

Atomic Weapons Establishment ditches 2e2 in funding row


Standard clause

Every contract I have ever signed or issued has had a clause enabling termination in the event of insolvency or administration, AWE have simply exercised this clause, it's pretty standard.

ICANN eggfaced after publishing dot-word biz overlords' personal info


Honestly, you couldn't make this shit up!

Mozilla releases Firefox 10, adds developer tools



We produce our own software, we have just certified our latest release against FF9. Now FF10 is out, I can't redo all our certification. How are we supposed to keep up? How are corporates supposed to keep up?

Stop incrementing the major version number as it causes us and our customers an application certification nightmare!

Dixons cuts Ice Cream Sarnie ready Xoom to £225

Thumb Down

Promo code does not work

I tried the promo code, "TABLET10" is supposed to be valid until 25th Jan but Dixons web site (and PC World) state rather dryly: "This promotional code is not applicable".


HP breaks Japanese excessive packaging record

Thumb Down


Yes, very good, and it's not even April 1st.

Anyone can take an already opened box, take out the contents, then put in some wrap and diddy-ikkle product to make it look like HP are being bad.

Nice try but I'm too cynical to be taken in by this.

Patched DNS servers still vulnerable to cache poisoning


DNSSEC opens another an of worms

People say that DNSSEC is the answer but it's too unwieldy. Have you seen the size of the response packets? You could use DNSSEC to invoke a DNS amplification attack and DDoS your target with a mass of DNSSEC replies. I'm not sure it is the complete answer, we almost need to have a completely new way of achieving DNS type functionality, but without using the DNS protocol.

ICANN approves customized top-level domains

Thumb Down

Brand protection

This is going to be a nightmare for corporates who want to protect their brand name. For instance, Cisco have registered in just about every TLD going, but if new TLD's are popping up all over the place they will have to be extremely vigilant so that some miscreant doesn't appropriate their brand name for their own nefarious uses.

Multiply this by the number of large corporates who will want to protect their brand name and you have a huge money making opportunity here.

Do we really need this? I dunno, I reckon the amount of phishing going on will increase dramatically, especially when you combine IDN's with it all too. It's going to get in a right old mess.

Pirate Bay bitchslaps Swedish law with SSL


Don't we have this already?

Don't we have this in the UK already? http://en.wikipedia.org/wiki/RIPA

T5 opening turns into Airplane 3.0


Monty Python predicted this years ago!

Wasn't there a Monty Python sketch about this... "I'm so worried about the baggage retrieval system at Heathrow" or something? Pretty sure it's on "The Final Rip-off" but can't check right now.

Lenovo ThinkPad T61


Why no 1600x1200 anymore?

Must admit, the first thing I did when I got my T60p was de-install active shock protection and most of the other junk that was pre-loaded. Does that APS stuff actuall "do" anything? Call me a bit sceptical but I mean if I drop my lappy, what good is that stuff going to do? Also I couldn't believe how much memory was being used up by all the "value-added" software Lenovo installed on it.

Two of my buddies here are running Ubuntu on theirs, I'm running XP but I do find hard disk access seems a bit slow despite having a 7200rpm drive. It takes ages to boot. :-(

But I really miss the 1600x1200 display on my 4 year old Dell C-series laptop. This T60p has a 1680x1050 which can be really annoying at times as I got so used to the 1200 vertical res on my Dell. Why oh why don't manufacturers do a 1600x1200 screen anymore? You can't seem to get them anywhere now.

Woolworths stores to stop selling HD DVD


They've missed the boat already

I think if Toshiba and whoever else really wanted to get HD-DVD out there they should have done a deal with Microsoft at the start to ship the Xbox 360 with an HD-DVD player, or at least got them to include it in one of the later models like the Elite. I don't know anyone who would pay 120 quid for an add-on player for the 360, but if it was built into the console from the start it would have been a no-brainer.

Seems like a missed opportunity to me.