Posts by Alan J. Wylie

525 posts • joined 12 Jul 2008


So it appears some of you really don't want us to use the word 'hacker' when we really mean 'criminal'

Alan J. Wylie

I was a volunteer at the library

Did they have a copy of The New Hacker's Dictionary on their shelves?

What happens when the internet realizes the stock market is basically a casino? They go shopping at the Mall

Alan J. Wylie

I wonder whether someone will make a film about it?

Previously: Trading Places

Alan J. Wylie

Clop ransomware gang clips sensitive files from Atlantic Records' London ad agency The7stars, dumps them online

Alan J. Wylie

The IT angle? Charlie Stross is one of Random Penguin's authors.

Negative Trustpilot review of law firm Summerfield Browne cost aggrieved Briton £28k

Alan J. Wylie

Re: If you're going to represent yourself...

"The man who defends himself in court has a fool for a lawyer and a jackass for a client"

Police drone plunged 70ft into pond after operator mashed pop-up that was actually the emergency cut-out button

Alan J. Wylie

Re: Fail safe?

It reminds me of the emergency stop button on Multi Wheel Journal Grinders that I used to work on.

(I was out in Cleveland for 10 weeks in the late 80s installing one of the three shown in the photo in the above link).

There were, IIRC, 9 large grinding wheels for finishing the journals and oil seal on a Ford V8 crankshaft. If the emergency stop was hit just as the cut started, power was removed from the motor rotating the crankshaft, the inertia in the grinding wheels would start spinning it backwards faster than it was ever meant to turn, it would pop out of its head/tailstocks, be thrown into the bed of the machine, shatter, and the pieces bounce out at high speed.

How good are you at scoring security vulnerabilities, really? Boffins seek infosec pros to take rating skill survey

Alan J. Wylie

Re: CVE scores are dynamic

Did you click on "Base Score"?

Alan J. Wylie

CVE scores are dynamic

The NIST provides a calculator. On their page for a particular CVE, e.g. CVE-2017-5550 click on one of the two "CVSS" versions, then on the "Base Score" button, and you can tune your score depending on your particular circumstances, e.g. external network access, Privileges Required.

Brit registrar 123-Reg begins 2021 in much the same way it ended 2020 – with DNS issues

Alan J. Wylie

Re: Yet another DNS fail at 123reg.co.uk

I don't think that quoting is broken, see this ISC document "You may have more than 255 characters of data in a TXT or SPF record, but not more than 255 characters in a single string".

How to leak data via Wi-Fi when there's no Wi-Fi chip: Boffin turns memory bus into covert data transmitter

Alan J. Wylie

Many years ago, I remember our DEC field service engineer carried a medium wave radio with him. Placed next to the PDP-11 UNIBUS wiring he could diagnose some failures just by listening to the noise (or lack of it).

Intel's SGX cloud-server security defeated by $30 chip, electrical shenanigans

Alan J. Wylie

Linux kernel support for processor undervolting

See also this recent article: Kernel support for processor undervolting at Linux Weekly News.

CERT/CC: 'Sensational' bug names spark fear, hype – so we'll give flaws our own labels... like Suggestive Bunny

Alan J. Wylie

Correct Horse

I can't wait for the next password vulnerability to be called "Correct Horse".

Why, yes, you can register an XSS attack as a UK company name. How do we know that? Someone actually did it

Alan J. Wylie

Re: Still winning

Another of RevK's amusements:

whois f*ck.me.uk

UK mapping agency the Ordnance Survey is heading into gaming territory with £6m tender for dev team

Alan J. Wylie

Re: Walking simulators?

Or another Augmented Reality walking in real life game, similar to Ingress?

Happy Hacking Professional Hybrid mechanical keyboard: Weird, powerful, comfortable ... and did we mention weird?

Alan J. Wylie

the control key is remapped to where the caps lock key usually sits

Just like the Wyse WY50, where it always should have been.

Relying on plain-text email is a 'barrier to entry' for kernel development, says Linux Foundation board member

Alan J. Wylie

Re: LKML should...

> ... just move from mailing list to usenet newsgroup.

You can already read it over NNTP


If you think Mozilla pushed a broken Firefox Android build, good news: It didn't. Bad news: It's working as intended

Alan J. Wylie

Cookie Autodelete and uBlock Origin are both on the "recommended" list, but not uMatrix. If Mozilla are so keen on privacy, why is it missing?

Auto-update disabled.

University of Cambridge to decommission its homegrown email service Hermes in favour of Microsoft Exchange Online

Alan J. Wylie

Here are some photos and a description of Hermes over the years.

It's a sad day for Exim

Lizards for lunch? Crazy tech? Aliens?! Dana Dash: First Girl on the Moon is perfect for the little boffin-to-be in your life

Alan J. Wylie

Re: An interesting review

Competition, pre-teen genius girl, trip to the moon, evil aliens. Reminds me of Heinlein's Have Space Suit—Will Travel

In the market for a second-hand phone? Check it's still supported by the vendor – almost a third sold are not

Alan J. Wylie

"most people are limited to cheaper models, which in general have a shorter time"

Another instance of the Captain Samuel Vimes 'Boots' theory of socioeconomic unfairness.

Venerable text editor GNU Nano reaches version 5.0 and adds the modern frippery that is scrollbars

Alan J. Wylie

"Among the fields of barely"

That's intere-Sting. Barley, surely?

Are you sitting comfortably? Then we'll begin. Hang on, the PDP 11/70 has dropped offline

Alan J. Wylie

It's not so bad when it's one of your own, but working on the Cambridge Science Park in the early 80's, we had lots of VIP guests (and I mean very). Margaret Thatcher and Prince Philip to name but two.

A page with links to some photos

A lot more embarrassing when one of their entourages' buttocks disrupted the demo.

Not the first time I've mentioned this.

Cool IT support drones never look at explosions: Time to resolution for misbehaving mouse? Three seconds

Alan J. Wylie

"Senior Technical Analyst Programmer"

Or its abbreviation: "Sen Tech Anal Prog"

Only true boffins will be able to grasp Blighty's new legal definitions of the humble metre and kilogram

Alan J. Wylie

The 1959 International yard and pound agreement

This new definition won't have any practical effect; however, back in 1959 there was a change which caused the UK inch to increase in length by 1 part in 2 million.

Remember also, that the US (some states, not all) uses two different definitions of the foot, which differ by about 1/8 inch per mile, which can make a significant difference.

An Internet of Trouble lies ahead as root certificates begin to expire en masse, warns security researcher

Alan J. Wylie

Re: Simple solution

> it's the expiry date of the Certificate Authority's root cert

Except that no CA these days will issue a cert valid for more than 2 years. His must be self-signed.

Smart fridges are cool, but after a few short years you could be stuck with a big frosty brick in the kitchen

Alan J. Wylie

Re: Scott Helme on expiring TLS root certificates

It's not the renewing of server certificates that's the problem, nor even intermediate certs. It's the trusted root certificates that are embedded into operating systems and browsers. If those aren't updated on the client then the breakage happens.

Alan J. Wylie

Scott Helme on expiring TLS root certificates

A timely article:


HTTPS is a bit more than 25 years old. A lot of early root certificates were issued with a 25 year lifespan, and are about to, or have already (Addtrust) expired. Without updates, the web will break.

Moore's Law is deader than corduroy bell bottoms. But with a bit of smart coding it's not the end of the road

Alan J. Wylie

Re: DEC Fortran

Back in the early 80's, I used DEC FORTRAN on a VAX-11/780 developing an early Geographic Information System (as it is called these days). I remember one program (interpolating spot heights on a grid from contour lines, perhaps) which did a lot of looping over arrays. There was a DEC supplied program that drew a text based representation on a VT100 of pages being swapped (paged?) in and out of memory (we originally had a huge 512kB, later expanded to 3/4 of a MB). You could see when you had your array indices the wrong way round, pages were rapidly swapped in and out all over the place, rather than a neat little chunk with pages being added at the end and lost at the beginning.

That computer (about 1MIPS) and memory were enough to run an interactive line following digitising program as well as several developers simultaneously editing and compiling.

ALGOL 60 at 60: The greatest computer language you've never used and grandaddy of the programming family tree

Alan J. Wylie

Re: I've used Algol-60 at school

Me too.

Probably 1973/4. We wrote our programs out on coding forms, making sure that our 0/O and 1/I were distinguished (I can't remember any more which one had a slash through it). It was sent off to, IIRC, Lancaster Uni, where it was typed onto punched cards and put through the batch system. A week or two later, we got the output. It took a long time to get anything that would compile. I think mine did run eventually, busily calculating digits of pi until it hit its CPU limit.

Britain has no idea how close it came to ATMs flooding the streets with free money thanks to some crap code, 1970s style

Alan J. Wylie

Re: The past is another country.

I've still got a £10 card from the late 70's / very early 80's. Photos:



The numbers 1 to 20 on front correspond to each usage - a pin punched a small dimple. After 20 usages you got a new one.

Star's rosette orbit around our supermassive black hole proves Einstein's Theory of General Relativity correct

Alan J. Wylie


Who remembers playing with a Spirograph?

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?

Alan J. Wylie

Bluetooth vulnerabilities

Blackview, the manufacturer of my cheap, but rugged device, don't care about releasing new versions of firmware to fix critical Bluetooth vulnerabilities. For this reason, I keep Bluetooth turned off most of the time.

How to make a stranger's insecure 3D printer halt-and-catch-fire – plus more alerts from infosec world

Alan J. Wylie

Halt and catch fire

Nice headline

Not only is Zoom's strong end-to-end encryption not actually end-to-end, its encryption isn't even that strong

Alan J. Wylie

A couple more comments from Bruce Schneier and Matthew Green

How many days of carefree wiping do you have left before life starts to look genuinely apocalyptic? Let's find out

Alan J. Wylie

Re: Personal habits?

Note to self: do not read el reg while eating.....

Then never Google these two words while eating: Bristol Scale.

Stob's vital message to Britain's IT nation: And no, it's not about that

Alan J. Wylie

My humble contribution to confusing phonetics

A are / aisle / aubergine

C cue / cede / canine / cereal

E ewe / ewes / eye / earn

F faze / few

G gnome / genes / gneiss

I Isle

J jay / jeans

K knot, knee, knight, key

N not, night, nice

P phase, phew

Q queue / quay

R rite / rye / rung

S seed / serial

U use / urn

W why / write / wry / wrung

Y Yews

Looming ventilator shortage amid pandemic sparks rise of open-source DIY medical kit. Good thinking – but safe?

Alan J. Wylie

Re: Bloody hell

The first thing we do, let's triage all the lawyers

Alan J. Wylie

Do not let perfect be the enemy of good.

Microsoft, Google, Slack, Zoom et al struggling to deal with a spike in remote tools thanks to coronavirus

Alan J. Wylie

Re: I have noticed..

Cisco Webex was borked yesterday between 14:00 and about 16:45. The app wasn't so badly affected, but the web interface was unusable and it was dropping messages sent through the API.

More than a billion hopelessly vulnerable Android gizmos in the wild that no longer receive security updates – research

Alan J. Wylie


My Blackview BV9600Pro hasn't had an update since I bought it. Still on version 20190430 and telling me "Your device's software is currenly up to date".

Naming and shaming is the only way.

After 1.5 million days of computer time, SETI@home heads home to probe potential signs of alien civilizations

Alan J. Wylie

Folding at Home

For those wondering what to do with their spare CPU cycles, there has never been a better time than now to do some Folding at Home to search for new therapies for COVID-19.

Shipping is so insecure we could have driven off in an oil rig, says Pen Test Partners

Alan J. Wylie

At a previous place of work, one of the consultants went to check the security of some of a cruise liner's systems, mostly for on-board purchases and charges. PCI DSS sort of thing. It only took a day or so, but they weren't going to change the ship's schedule, so he got a few free extra days lounging around before it next docked. Nice work, if you can get it.

Roses are red, IBM is Big Blue. It's out of RSA Conference after coronavirus review: IBMers will not attend infosec event over 'health concerns'

Alan J. Wylie

Fortinet Barcelona cancelled


On the bright side, for a couple of my co-workers, they picked up the free flights and accommodation at the last minute.

Alan J. Wylie

Discussion on COVID-19 affecting the upcoming ICANN conference in Cancún, Mexico


Yahoo! hack! payout! nearly! approved! and! the! question! is! how! to! spend! 60! cents!?

Alan J. Wylie

BT used to use Yahoo e-mail. The crooks downloaded entire address books. I run a mailing list for a mountaineering club, and all these years later I'm still getting spam, both to myself and to the mailing list address, purportedly from members, including one who died years ago.

Outlook more like 'look out!' as Microsoft email decides everything is spam today

Alan J. Wylie

Windows Search is down, too.

Windows Search down for many

Ah, night shift in the 1970s. Ciggies, hipflasks, ADVENT... and fault-prone disk drives the size of washing machines

Alan J. Wylie

Re: Ah, that takes me back..

We never ran out of drawing paper as kids

The LA120 printer always fed an extra sheet of paper so the perforations were clear of the sprockets. I collected these and handed them on to a primary school teacher friend of mine who was most grateful.

Alan J. Wylie

Re: DEC field service engineers

Unkindly known as "Field Circus".

The good old days when "field/service" and "systest/uetp" were acceptable username/password combinations.

Alan J. Wylie

A couple of memories: Laser-Scan was frequently visited by VIPs (Prince Philip, Margaret Thatcher to name but two). The server room was cramped, but the dignitaries were always shown around: "VAX 11-780 with half a megabyte of RAM!". Running in shouting "which *** pushed the read-only switch on the drive" after someone had butt-pressed it could be a career limiting move.

Also, if you found a pack on the floor, you didn't just assume it was untidiness: it might have been left on top of the "washing machine" and the vibration could have shaken it off, disturbing the alignment of the platters. Mounting it (in the days when that was a physical action) would almost certainly lead to the destruction of the heads.

Verity Stob is 'Disgusted of HG Wells': Time, gentlemen, please

Alan J. Wylie


Don't, while at work, do a Google search for "phub". Not Safe, indeed. I wonder how their "AI" got trained on that one?


