Posts by adnim

How long

has Win32/Srizbi been out there?

When was it first detected?

How long have AV vendors been able to detect and remove this?

Better late than never?

@raving angry loony, I fully understand your sentiments but I don't think MS would risk further anti-trust suits by using MSRT to hurt legitimate 3rd party software. However what MSRT will never do is remove Microsoft's own spyware and malware that comes as part of a standard windows <insert version number here> install. The only solution here is to never connect to the Internet with a Windoze box, at least without a third party software firewall. Although this is not 100%, it helps. Better still upgrade the OS to a Linux distro.

Better ways to spend billions?

Yes, there are many.

Still, there maybe benefits to the whole of humanity arising from this project. Where as spending billions bailing out banks so they can continue dishing out obscene bonuses to high level bank staff whilst ripping of customers with ridiculous charges generally benefits a handful bankers.

A basis for trust?

"Ask him anything"

Asking questions, even the right questions has never been much of a problem.

Getting truthful answers is where the problem lies.

Even if Mr Graham is able to answer truthfully will he be allowed to?

I really do wish I was not so cynical, but a decade of government lies, half truths and cover ups does leave its mark.

We know where you are going

If Conficker has been completely reversed, every domain name and IP it will attempt to connect to will be known. I couldn't find the details on the Kaspersky site, but the list of domains and IP's to which Conficker tries to connect should be made public. Or at least circulated amongst the admins of the Internet root DNS servers. Conficker would be pretty impotent if every address it tried to connect to was "unavailable".

@losheda

I think once admins get reports via OpenDNS dashboard of suspect machines it is unlikely every single one of them would remain silent. One would also have to presume the intelligence behind Conficker is dumb enough not to notice.

Perhaps...

this creature is something those involved in stem cell research should be dissecting, probing and sequencing. Or talking to, depending on ones moral stance regarding the use of animals for research.

Oh Well

Chris and Martin summed up what I wanted to say. In addition though, everything should be open, all hardware specs, firmware as well as software code. A dedicated encryption chip, open of course, should help with overhead. With the involvement of universities and the public as well as industry, the points Martin raised could be addressed. Within five or so years, a truly secure system could be emerge that would be worthy of the name "Trusted computing platform". If any part of this platform remains closed... Then in my opinion, it isn't a trusted platform.

Snooping under the guise of protection

If one accepts the recommended settings whilst setting up IE8 a feature called SmartScreen filter is enabled. What this does is send every website address one visits to Microsoft to be "checked against a list of reported unsafe websites". Microsoft state that "information received will not be used to personally identify you". Yet they collect the IP address of your machine!

This feature along with suggested sites turns IE8 into spyware.

It doesn't matter if they use the information for targeted advertising or not, the fact is with these two features enabled, MS are aware of every website and webpage your IP address visits.

Of course multinational corporations saying one thing and doing something entirely different never happens so we should all trust MS implicitly in that they will never ever look at the IP addresses they collect from client machines.

All I can say is disable both these features if you have to use IE. A much better alternative would be not to use IE at all.

I am about to see how Windows 7 responds when I install Firefox and attempt to uninstall IE. I doubt that an uninstall of IE is possible.

*tards.....

What is it with the use of "tard". It is not amusing nor does it promote the author to the status of "cool", "with it", savvy or whatever, especially when describing those who use free software. Who decided it was retarded to use free software. The term paytard although equally unfunny is at least an appropriate description of those who pay for and use MS products.

Please Reg can we drop this whole *tard thing? I presume Kelly and the rest of El Reg staff are over the age of 12.

copycats

"The firm said it was rolling out an “experimental feature in Gmail Labs” that will probably be a bit cranky and frustrating due to the fact that there are still “some kinks that haven't been completely ironed out yet"

So they are following Microsofts lead and using the public as beta testers. At least they are honest about it. Where as Microsoft... Well, form your own conclusions.

click jacking

To oversimplify.. A surfer clicks a link expecting to go to abc.com and ends up at xyz.com

Hidden elements, often an iframe, in a webpage lie above what the user sees and clicks on. The hidden elements handle the click rather than the visible link that is clicked.

This discussion goes into more depth:

http://www.securityfocus.com/news/11535

@Craig

touché

Mind you a move to Linux is well worth the effort.

@insanity: I would say you are correct regarding corporate moves to Linux, compatibility with data formats etc can be dealt with, obviously there is expense involved, as there is in retraining staff to use Linux. But this extra expense would likely be more than compensated for, especially when one considers the cost of open source software.

Are we sure...

that he isn't just moonlighting?

No hang ups here.

If this law is in place to protect folk from depravity, corruption and obscenity does it apply to those of us who are already depraved, corrupt and obscene? Can we cheerfully ignore this law because it is not going to save us from anything.

"Deviants, perverts, 'weirdos' - who's going down?"

I'll go down on anything, animal vegetable or mineral for an appropriate fee.

Microsoft do it again.

They have dumbed down computer usage to such an extent that the average user has not a clue what their PC is doing behind the cartoon like interface. Dumbed down so much that accomplished retards and professional trolls have access to the Internet. This has resulted in newsgroups, forums and blogs being flooded by inane, childish, ignorant and often illiterate ramblings.

Now they do the same for music... wonderful, I can't wait.

Some things should be the exclusive domain of those with at least a modicum of skill, imagination, talent and intelligence. Normally I am one who would celebrate the removal of barriers, but it seems to me that this technology is just another step backward. It gives those who should never be seen, heard or allowed to have any influence on others, an avenue by which to irritate, annoy those with a discerning ear whilst encouraging the equally talentless.

From microsoft:

"We’ve partnered with one of the industry’s finest digital instrument producers – Garritan – and one of the leading developers of computer synthesizers – Plogue – to provide rich instrumentation for your song."

Who the fsck are Plogue and Garritan? Yes I have heard of them but they are hardly the finest digital instrument producers or leading developers of softsynths as MS would have you believe.

Why haven't Sony, Yamaha, Roland, Native Instruments, IK multimedia, Waves, Antares to name a few, partnered with Microsoft for this project? Could it be that established suppliers of professional kit see Songsmith as the gimmick that it really is?

I'll stick with Cuebase, softsynths, my guitar, my imagination and the somewhat limited talent I have thanks.

liability

There should be international laws in place making data collectors, regardless of who they are, liable for the damages and or losses caused to anyone who suffers as a result of a data breach.

A slightly damaged reputation does not help the victims of such incompetence. Punitive measures resulting in the loss of large sums of money may, just may make a difference to how these data hording entities look after our personal data. Or at least cause those incapable of protecting data to shut up shop.

@Sarah Bee:pfft

"People are so smug and lofty and dramatic and human-rights-ish about ads. 'If I see one ad for anything then I have to poke out my own eyes and eat them.' Do you? Really?"

No, but I do think of poking out the advertisers eyes, sauteing them in a nice garlic butter with some panther cap mushrooms and and feeding them to the marketeers whom employ them.

"Do you think about these things at all beyond your own mild irritation?"

No, should I? I guess I do a little bit... Eliminate Internet advertising and most of the chaff would disappear from the WWW. If a website has content which is worthy of note, a website such as The Register, I would have no problem in paying an annual subscription. If a third rate website went under because people were unwilling to pay for the content then so be it.

Advertising is so ubiquitous these days, most people do not see it as an invasion of their psyche. I just don't want the visuals or jingles from products I do not want nor care about inside my head, even if only for an instant. Those neural pathways that are forged by exposure to advertising are wasted, perhaps never to be employed for useful purpose. Even the tinfoil hat doesn't help protect from mind control via the optical nerve or auditory canal.

Just as advertisers feel they have a right to expose the public to products EVERYWHERE, often in the most attention grabbing and invasive ways imaginable, I feel I have a right to prevent my exposure to such wherever and whenever possible. A right which I will continue to actively pursue. There is a feeling of satisfaction I get when I successfully block an avenue of advertising TPS, MPS, Adblock, NoScript which would never be equaled by seeing or hearing that which I have blocked.

Not surprisingly,

"no classified or personal data has been or will be at risk of compromise", is exactly what I would have expected them to say.

If, and I say if mission critical and or sensitive systems were compromised can one imagine the RN spokesperson stating:

"Yes, all our hardened and secure mission critical systems were infected. Classified and personal data has been compromised. We cannot tell which, or how much data has been packaged and transmitted to servers in Azerbaijan via key loggers the virus installed on our systems. Nor do we know how long the back doors the virus planted in our systems have been active".

I guess not.

@pete

It is exactly because I have experience of hospitals, in one of which my mother died recently that I have my stated opinion. Please read my comment again, and note this sentence "In hospitals, patients should be allowed to use them with ringers on silent".

You are right about the crushing boredom. I signed myself out the last and only time I was admitted to hospital with a serious problem. I would have rather died than spend another minute as a patient on a hospital ward. Fortunately or unfortunately I got better without the ministrations of a doctor or prescribed drugs. I can be a stubborn bastard.

alt.

binaries.sounds.mp3.*

alt.binaries.sounds.lossless.*

I wouldn't give Apple nor the leeching middlemen of the record labels the steam from my ....

Please give me an avenue by which I can pay the artists directly.

@AC:Zeitgiest

I couldn't agree more. I learned 'C' many years ago in a Xenix environment, I loved the power and flexibility of the language, I was encouraged to write neat, tidy and efficient code. I knew what was going on.

I have developed a few applications using VB, VB.Net and asp, some using connections to backend databases. RAD seems to be the point behind .Net programming and yes it can be very rapid, but I don't have much of an idea of what is going on behind my code at a granular level. As a result I cannot say with any conviction that any of the applications I have written with .Net are secure or reliable, nor how much redundant code in the form of functions and assemblies is compiled into my applications.

One thing I know for sure, I feel removed from the heart of my applications using the .Net framework.

I can't help thinking that if .Net did not exist, then although more time consuming and difficult to write, applications including web apps would be far more secure than the obfuscated swiss cheese base of todays .net and asp applications.

Perhaps this is because I'm not a professional coder, I might be talking from behind my scrotum ;-) I tinker for knowledge, and to make it a little easier for my missus to maintain and update her photo database/website, thus my experience is limited.

Please keep me safe.

The Chinese government always do the right thing for their people. And our government need to latch on to these ideals as soon as possible, for I really do not have any sense of discrimination.

I need and look forward to our government telling me what is right and wrong, what is just or unjust, what is good and what is bad and what I can and cannot do with regard to every aspect of my life. Even when their words contradict their actions they act in my best interests. They are my saviour, my spiritual and moral guardians, they can do no wrong. They will always nurture and support my subservience, they will keep me safe and warm.

I trust them implicitly to control every facet of my life, as every man woman and child should do lest they fall into a pit of moral degeneracy.

ROFLMA

I find it very amusing that some of the commentators here have actually perused Facebook just to get a glimpse of what the fuss is about. If one has never seen a mother breast feed her child before, I can understand the curiosity. Even so, it doesn't take much imagination to picture such a scene. I myself don't find breast feeding offensive at all, nor pissing in public for that matter, providing it is done discretely and preferably on a flowerbed or grass, a doorway or the pavement is not the place to do such a thing. I do however find the sight of an obese person in a swimsuit offensive. But then, that's just my opinion, valid or otherwise. We have all had different standards conditioned into us during our formative years. So I ask who is right? Or do we just comply with what the majority think because it is the most accepted viewpoint?

@Gene Cash.. Disgusting? Even though your comment made me laugh, I can only guess that your conditioning damaged you much more than my conditioning damaged me.

Mmmm,

"According to the firm, the gang was responsible for manufacturing and distributing more than an estimated $2bn worth of “high quality counterfeit Microsoft software”."

Where as Microsoft sell legitimate copies of poor quality software. I can only guess the counterfeiters must have fixed the bugs before selling it.

I

boycott both Apple and Microsoft (amongst others) products because of their consumer fucking, share holder loving practices, not to mention Microsofts bug ridden code. (ah, I just did). So, as I drink my wine and prepare for another year of being treated like shit by multinational corporations and the UK government, I will allow myself a little snigger. Yes it maybe at the expense of those poor saps who think Microsoft are anything other than bunch of self serving <substitute your own expletive here>. However, I am not going to apologise for this selfish attitude. Maybe someone somewhere as learned a valuable lesson and m$ have lost another customer. In which case this fiasco is worthy of celebration.

Yes I use XP as well as Linux but XP was free, a gift. I wouldn't give Microsoft or Apple the steam from my shit.

With all due respect, for the new year I wish that every Register reader and staff member get what they deserve. ;-)

Advisory system

"It would be quite possible to build an "advisory" system, for instance, which would audibly or visually warn a driver when he or she was exceeding the local speed limit."

My car already has one, OK it only provides visual cues and not audio ones. But it is right under my nose and the big red pointy thing swinging over the big white numbers is very easy to read. It even glows in the dark, providing I am using my lights, now how clever is that?

Brush meet carpet

The case has raised wider concerns about the misuse of police databases, which the "Metropolitan police is keen to downplay."

Of course this new proposed comms database nor the NDNAD will ever be abused by the greedy or those with self serving agendas. And, as these databases will be/are totally secure and are only ever accessed by the most trustworthy of persons, is it surprising that the police wish to downplay such misuse? After all, it has never happened before and it will never happen again.

The mere thought that those in control of this data cannot be trusted is vary scary indeed, and as we know the last thing the police wish to do is cause panic, admit to error or reveal the truth unless it fits with policy/practice.

@Paul

A corporation/company shitting on the US government is a no, no.

A corporation/company shitting on the public brings in tax dollars and is perfectly acceptable, if not preferred.

A little bit special

"Given the fact that the Royal Family was involved with the pictures held on this laptop, the data should have been encrypted - full stop,"

Why? Are the royals something special or are they just better than the rest of us.

Anyone who gives a shit about what is on this laptop needs to get a life.

@more like-AC

Well if I was to delve into and see the thought processes of the average Londoner or any UK facebook dwelling, iPhone/iPod owning, Eastender/X factor/reality TV watching, girl/boy band appreciating, Daily Mail reading, form over function citizen..

Then "London's burning with boredom now" comes to mind.

Scary tech yes, I fear for my son and his potential/future children, I am a middle aged bloke. I will be dead before this technology is fully mastered, whence a "minority report" reality with adverts directly beamed into one's minds eye will be the new utopia/dystopia. The time of human individuality and freedom will truly be over.

re:Suggest that all the lawyers...

I expect financial penalties and disbarment to hurt them far more than beheading. Then the monies recouped from those financial penalties could be distributed amongst those who have suffered at the hands of Davenport Lyons' despicable practices.

The point Mark_T has raised makes me think they will suffer no more than some minor finger wagging in their direction, augmented by a few looks of disapproval. When in all reality the practice and offices should be shut down.

port changes

script on port 22 pretending to be ssh. With no real access possible.

ssh on a different port.

A scan for ssh that is not on port 22 is noisy. IDS systems will notice this.

This is a bot that is attempting to compromise ssh accounts, it is unlikely that it scans all ports identifies ssh and then attacks that port. Chances are this bot is hard coded to attack port 22, so changing the ssh port may well defeat a bot attack. Obviously if a human is attempting to access ssh then moving the ssh port is no help at all.

Putting login credentials on the pre-login banner will also help those who cannot remember complex passwords. Also helps if the post-it note falls of the monitor and the office cleaner throws it away.

Too lenient a sentence

How dare this man exploit innocent, disabled (three fingers) disfigured (look at their heads) and jaundiced children for his own amusement. It is bad enough exploiting healthy, normal and attractive children, but to abuse the disadvantaged in such a way is morally reprehensible. He should have the book or at least the DVD thrown at him for possessing such schoolboy humour. oops sorry, child porn.

I suspect there are children, yes real children worldwide viewing and giggling at these and similar cartoons. They should all be rounded up and placed in correctional facilities before it is too late.

How about forming child protection laws around the input from and consultancy with actual victims of child abuse, instead of paranoid knee jerk reactionaries.

Plenty of resource available... till the next bribe

Without the bribery, windoze live search visitor numbers should now drop back to a level that can be handled by a 386SX and a 100Mb connection.

Ridiculous

The image is not porn. An image of a naked child is not necessarily pornographic. The girl in the image looks content and appears not to be under any kind of stress or duress, so it is not an image of child abuse either.

The furore caused by this image is ridiculous. FFS what is all the fuss about. Does context not mean anything these days? It is an album cover, there are no other images of naked children in the article. The article is about a rock album.

Will I be labeled as a pedophile, for saying she is(was) a cute kid, because that's what I thought when I saw the image (My ISP is not blocking this). Being an old rocker I first saw this image a long time ago, memories of the era and some old tunes came to mind. The image is not sexually arousing in the slightest, at least it shouldn't be. I do see why some sensibilities would regard the image as indecent, although I see innocence. I feel images of 10-14 year old girls caked in makeup and alluringly dressed are far more indecent.

Anyone who does find this image arousing or sexually explicit should go seek some help.

As for censorship and a service provider protecting me on my behalf, I don't need nor want it, I am perfectly able to close a browser window and not click on the same link twice should I be disgusted by what I see. As for the legality of viewing this page/image and the possible repercussions, context should be taken into account. However, we are at the mercy of laws that are open to interpretation and inconsistent in their application. And when it comes to pedophilia or the mere suspicion of pedophilia, such an emotive subject often if not always results in an intolerant, merciless and uneven response.

Taking advantage

“Dishonest auctioneers are too often using these online auction sites to sell counterfeit and illegal copies of Microsoft software, taking advantage of unsuspecting customers around the world,”

Taking advantage of unsuspecting customers around the world..

/me shakes head at the hippocracy.

Trust

M$ are not an altruistic operation, profit, market domination and control have always been their goals. I am curious as to how this HealthVault system will be monetised and which third parties... pharmaceutical companies, insurers and the such like, the content of this database will be sold to.

I suspect there are people out there who trust Microsoft. I am serious when I say that I haven't met one yet.

The idea isn't that bad, providing the custodians of your health data can be trusted. However in this day and age when ones own government cannot be trusted, it beggars belief that a commercial enterprise well known for putting their own interests above all else should be trusted or even permitted to hold such data.

"You never give me your money"

A daydreamer once heard: "Well let's be honest here, I am a very rich man, I don't really need anymore money, In fact I already have more than I could sensibly spend. As such I have decided to release all of the Beatles' back catalogue for the cost of the media only for non-commercial use. Enjoy people and thank you for making me very rich indeed. Besides most of it is only pissy pop music anyway"