* Posts by hazzamon

53 publicly visible posts • joined 1 Dec 2008


It could be 'five to ten years' before the world finally drags itself away from IPv4


Strange. My phone is with EE and I get full IPv6 connectivity. Perhaps it's a limitation of their backend mobile broadband system?

Broadband providers can now flog Openreach's new IP voice network in bid to ditch UK's copper phone lines by 2025


Table B.1, Annex B, ITU-T Rec. G.993.2, page 316, defines a minimum frequency of 25 kHz for the US0 channel of VDSL2.


The audio component only uses ~3 Khz of bandwidth on a copper line. VDSL uses tens of megahertz of bandwidth. For the tiny fraction you'd increase speed, you'd have to a) change the VDSL spec, and b) change an awful lot of hardware.

Let's Encrypt? Let's revoke 3 million HTTPS certificates on Wednesday, more like: Check code loop blunder strikes


I imagine that the mass-revocation is a requirement of the CA/Browser Forum rules.

Log us out: Private equity snaffles Lastpass owner LogMeIn


Re: Bitwarden

Pfft, if you want ultimate security, try ROT26.

Tech support discovers users who buy the 'sh*ttest PCs known to Man' struggle with basics


Re: I spent two years in tech support

Though the button no longer has the text 'Start', if you hover your mouse over it you get a tooltip that says 'Start'. In Windows 10 at least.

IPv6 and 5G will make life hell for spooks and cops say Australia's spooks and cops


I would have thought...

...that the authorities would have an easier time tracking an IPv6 address than a carrier-grade NAT one. At least a /56 subnet will get you as far as a customer's house.

Donald, YOU'RE FIRED: Rogue Twitter worker quits, deletes President Trump's account


And I imagine they will be able to point to the Twitter terms-of-service in writing and say that they were doing their job, as Trump's account is in violation.

Ex-sperm-inate! Sam the sex-droid 'heavily soiled' in randy nerd rampage


Beep boop, does not cumpute!

FREE wildcard HTTPS certs from Let's Encrypt for every Reg reader*


Well, they are a registered non-profit organisation.

I need an ISP that offers IPv6. Virgin Media: Whatevs, nerd


Re: Am I the only one...

The BBC are in fact working to deploy IPv6: http://generic.wordpress.soton.ac.uk/ipv6/2016/08/31/ipv6-council-meeting-october-2016/


Re: Am I the only one...

BT's and Sky's IPv6 deployments deploy /56 subnets to customers, and these are dynamic/sticky. So with the first allocation, you've got 256 /64s to play with, and you can instruct your router to request a new DHCPv6 lease from the ISP, so a brand new /56.

'Windows 10 destroyed our data!' Microsoft hauled into US court


Re: Uh what?

Lawyer: "Your hard drive could have failed at any point, whether or not you were running Windows 10. Did you routinely make backups of your valuable data?"

Plaintiff: "What's a 'backup'?"

Lawyer: "No further questions, your Honour."

Google Chrome 56's crypto tweak 'borked thousands of computers' using Blue Coat security


Re: can anyone explain...

The release of Chrome 56 is not just a desktop browser, it also includes updates to Chrome OS included on Chromebooks.

Plusnet outage leaves customers unable to stream Netflix. Horrors!


Re: 38Mb?

The speed change only affected users on a legacy 40Mbps down, 20 Mbps up package.

CloudFlare offers web encryption up the wazoo


Re: I am happy

It's not just about government snooping - it's also about ISPs and other middle-men injecting advertising and other elements into unencrypted HTTP pages.

On her microphone's secret service: How spies, anyone can grab crypto keys from the air


Would storing encryption keys of a smartcard help alleviate this attack?

After all, smartcards generally have no coils to whine...

Hospital servers in crosshairs of new ransomware strain


Remember the three Bs...

...backups, backups, backups.

Confused by crypto? Here's what that password hashing stuff means in English


Re: Chrome's "Pinning" doesn't appear to work

Chrome on Windows uses the Windows certificate store, the same one that IE uses. Firefox, on the other hand, uses its own built-in certificate store. Hence, the discrepancy.

Does the Internet of Things need an indie security assessor?


Segregate all IoT devices on seperate VLANs...

...with ports restricted to bare essentials - HTTP/HTTPS/DNS etc.

I'm sure that's perfectly achievable on regular consumer home routers...right? ...anybody?

Microsoft offers Linux certification. Do not adjust your set. This is not an error


Coming soon - Cisco to offer CCNP in Juniper.

Google snaps Dutch woman completely taking the piss


Take a high shutter speed photo of your own wee and you'll see that it's droplets too.

I remember Mythbusters covered the 'Peeing on the electrified railway' myth once, and busted it on account of the fact that unless you literally piss like a horse, the stream will break up into air-insulated droplets well before it hits anything electrified.

Bacon as deadly as cigarettes and asbestos


Re: re-reporting the daily mail?


Windows 10 upgrade ADWARE forces its way on to Windows 7 and 8.1


Why not create a system image...

...on backup media, then rollback to that if you're not happy with Windows 10?

Samsung's spying smart TVs don't encrypt voice recordings sent over the internet – new claim


If they aren't encrypting data...

Then perhaps they don't sanitise inputs either. To paraphrase xkcd:

"Hi TV'); DROP TABLE SearchQuery;--"

Misfortune Cookie crumbles router security: '12 MILLION+' in hijack risk


Handy tip...

To see if your router/modem is running a vulnerable version of RomPager, run Wireshark and access the device's configuration page.

Look for a HTTP/1.1 200 OK packet, inside that will be listed the server version, eg:

Server: RomPager/4.07 UPnP/1.0

Which suggests my modem is vulnerable, bugger. Time to get a different one methinks. Good job it's separate from the router.

Then again, would my modem even be reachable from the internet if it's running in PPPoE bridge mode? Wouldn't the PPPoE-encapsulated packets get sent straight to the router without the modem even bothering to look at them?

Mom and daughter SUE Comcast for 'smuggling' public Wi-Fi hotspot into their home


CAn't see this doing too well in court.

Just had a quick look at the Comcast Residential Agreement (Link)

Section 6.b.1. says that Comcast can send code updates to your router at any time they like; that these updates can change, add, or remove features; and that these updates can be used to provide features not just to the customer (i.e. you), but also others. It also explicitly mentions this WiFi hotspot function when explaining this.

I am going to guess that this agreement will be the defence's 'Exhibit A'.

Google hopes to cure its 'flu sneezes


Perhaps they should also program it to respond to...

...'do I have ebola?'

Google puts Chrome credentials on USB drives for two-factor authentication


Re: BadUSB

These security keys aren't flash drives. They are just secure ICs. Yubico's models, for instance, have non-upgradable read-only firmware so are not susceptible to BadUSB.

Virgin Media blocks 'wankers' from permissible passwords


Re: Merde!

The password, as far as I can see, is filtered by this javascript on the user's local machine, prior to being hashed and sent to Virgin.

Women-only town seeks men


Interviews are taking place in Rio de Janeiro...

...and the end of the queue is currently in Buenos Aires.

When will Microsoft next run out of US IPv4 addresses for Azure?


Re: Confused about IPv6 vs. NAT.

You're confusing NAT with a firewall. IPv6 doesn't need NAT but you can still run a firewall on a gateway/router that drops unsolicited inbound packets. The only thing you miss out on with IPv6 is the absolute joy of configuring port-forwarding.

Google's Nexus devices get stealth Android update


The update fixed the broken NFC on my Nexus 7 2013, at last!

Slow IPv6 adoption is a GOOD THING as IETF plans privacy boost


Re: RFC 4941

While your computer is using privacy extensions it should in addition still maintain a MAC-derived address (at least, it does on Windows - I don't know if the same is true on Linux or OSX). Can you force your SSH client to use this interface rather than the temporary ones?


Re: What IPV6 really needs

I have a 6in4 IPv6 tunnel running on my home network. My router (Asus RT-N66U with Merlin firmware) is running an IPv6 firewall which automatically drops any unsolicited incoming traffic. I can set rules in the firewall to permit traffic to individual hosts (e.g. I could have multiple hosts all with their own port 80 services). All my hosts retain end-to-end IPv6 routing without any of that NAT nonsense.

QUIDOCALYPSE: Blighty braces for £100 MILLION cost of new £1 coin


From the Daily Fail link...

'12-sided design will resemble coin last used before decrimalisation in 1971'

Typical Daily Mail, they have crime on their minds so much that they can't stop thinking about it!

GCHQ was called in to crack password in Watkins child abuse case


You could make the password as incriminating as you like and it won't put you in jail any longer - you still need to crack it to get to the real evidence. The only dumb mistake he made (apart from molesting kids) was choosing a password vunerable to a simple dictionary attack.

Also, Gary Glitter was dumb enough to take his laptop in for repair at PC World...

Dialog Bluetooth chip boasts battery life of four YEARS

Thumb Up

Re: Beggars belief that TVs & remotes don't use bluetooth

Now there's an idea - a universal Bluetooth LE remote with an touch-sensitive e-ink display!

Apple flat-screen TV to ship by holiday season?


Re: Why?

Children's TV character: "Hi kids!" *waves*

Child: *waves back*

*TV switches off*

iPhone denies existence of Gibraltar, other bits of British empire


Re: Falkland Islands

I bought a PAYG sim when I was out there in 2008 - the phone number was only 5 digits long, including area code!

Paedophiles ‘disguise’ child abuse pages as legit websites


Following a particular digital path?

"Welcome to Mozart's Ghost! The hottest band on the internet!"

Iraq demands return of Saddam Hussein's arse


This story...

...is not to be sniffed at!

Kinect plus tablet control insane skateboard


I wonder what happens...

..when he waves to say hello to a passer-by?

Crack GCHQ's code and become the next James Bond


No, the quickest way to solve it is to show it to an autistic child in the form of a puzzle book!

Digital UK names date for end of analogue TV era


A Google search suggests that the Belmont transmitter is broadcasting Multiplexes ArqA & ArqB on low-power until 23 November 2011. At this point, in addition to the power increase, they will be switching frequencies so another retune will be required.

Samsung, Google to out Ice Cream Sarnie next week


Android iterations are named after desserts in alphabetical order - 'FroYo' is short for Frozen Yoghurt. Do try to keep up!

AMD Steam-game offer suspended after keys pilfered


I actually bought a new Radeon 6950 at the weekend that came with a code for Dirt 3 which I redeemed on Steam, so I'm hoping I don't get affected by this, even though I can reasonably prove my purchase.

Google Maps for Droid phones becomes a LOT better


'Manual Update'

'Manual Update' means that the app's system permissions have changed and that your consent is required prior to update.

Acer replaces laptop keyboard with multi-touch LCD


I suspect...

...that this isn't going to be the best to use for touch-typing.

Amazon customer purchases protected by US Constitution

Big Brother


...they'd need to know the product type in order to be able to tell whether or not it is subject to sales tax.