Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

'I feel violated': Engineer who pointed out traffic signals flaw fined for 'unlicensed engineering'

Charles 9

Re: Why is the US having trouble?

Two main reasons:

1) Each state and each locality gets to make the call. There is no uniform federal requirement for roads unless the road has a federal designation (either a U.S. Route or an Interstate), and even then federal proceeds for them go through the states, since it's their respective Departments of Transportation (or equivalent) that actually do the work. Traffic violations and such are normally handled by the municipality in which they occurred, and it gets the proceeds. For small towns and such, "bear traps" (bear is trucker's slang for police) are about the only things keeping their budgets afloat.

2) The general public attitude towards such laws is not considered very respectable. As far as they're concerned, the rules are made to be broken, and it's hard to make them change their minds (I recently saw a case of a man with at least TEN DUI convictions, and I'm told such repeat offenders are distressingly common; plus it's hard to just throw them in jail because they're the breadwinners, as in spouses and children depend on them). Night racing even gets its appeal BECAUSE part of the aim is to outrun the cops. To give you a counter-example, here's how a supposedly-typical Bostonian views the traffic lights:

Green = Go as quickly as you can.

Yellow = Go FASTER!

Red = Room for one more!

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+

Charles 9

"Yeah, Microsoft only supported XP for 13 years (2001-2014)."

And your average large piece of medical equipment stays in use for a minimum of 20 years and often longer than that. Same with other pieces of heavy industrial machinery that could have XP-based computers controlling them.

Charles 9

Re: "took out your video drivers"

"It doesn't have to be like this."

Actually, it MUST be like this, because that's how most people are. You Can't Fix Stupid.

Charles 9

Re: Political SNAFU

"If there was such an attack on the banks, the crooks would be had up against a wall and shot before you could say SMB bug."

Unless, of course, the crooks were found to be protected by hostile governments. Are you willing to declare World War III over a bank hack?

Charles 9

Tell. Us. HOW. Without us falling on our swords first.

The very expensive medical machine you use to save lives ONLY runs Windows. And this is true of EVERY other supplier of the same equipment.

Charles 9

Re: Executive summary

But what if you're up against the proverbial immovable object, when no haggling whatsoever will work, and EVERY supplier's the same way? Remember, medical tech is a very niche industry.

Charles 9

Re: GCHQ and Patches

Unless there WASN'T a choice. If ALL the suppliers (and note that medical equipment is considered a niche industry: few suppliers) shipped their machines with Windows and nothing else, how would you go about your goal, especially if the machine needs to be obtained in a timely manner because it's replacing a broken unit?

Besides, Linux isn't immune to this, either. Hardware support CAN get borked by a kernel change (because the hardware driver requires something in the part of the kernel that got changed).

Charles 9

Re: GCHQ and Patches

Three words, repeated over and over:

Patches BREAK Things. Do you want the computer controlling the 6-to-7-figure MRI machine to be borked by a patch? Hard to believe, but a VERY real possibility.

Charles 9

Re: Executive summary

So if people have no choice but to use Windows due to contracts or exclusive software, the only option is to bend over?

Charles 9

Unless the BACKUPS got infected, too. That's a known tactic of sleeper malware.

Charles 9

Re: Every day is a learning day

"Yeah, we learned, yet again, that the internet is a playtoy which should be airgapped from critical systems."

Which is countered by the lesson that ANY air gap can be bridged or jumped, especially if someone wants it badly enough (in particular someone UP TOP).

Charles 9

Re: Is there any point in keeping GCHQ?

Yes, because any alternative could be FAR worse. Better the evil you know...

Charles 9

Re: Windows in the NHS

The problem lies in when you make Linux a prerequisite...and get no offers.

Charles 9

Re: Mitigation against ransomware:

But IT doesn't control the budget, and the board doesn't like IT as they're a cost. So now what?

Charles 9

Re: Malwarebytes has a free desktop anti-ransomware available

But doesn't the malware simply target IT first before wreaking havoc? This one is noted to try to disable countermeasures.

Charles 9

Re: Social engineering?

Plus the last bit about not opening attachments from UNKNOWN sources. What if the infection is a spear-phish and the attachment actually comes from a KNOWN source, and in an expected format? Don't forget, infections through image files and PDFs are possible.
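The spear-phish scenario above (a known sender, an expected image or PDF format) is one a receiving gateway can at least triage, and it also bears on the point made a couple of comments later about graphics files being mangled to carry a payload. The following is an added example, not part of the comment and not code from any product named on this page: it checks that an attachment's leading bytes match the type its filename claims, walks a PNG's chunk list to flag anything glued on after the IEND chunk, and flags PDF name tokens that introduce active content. The sample attachments are constructed inline, and the type and token lists are assumptions for the example. It is a heuristic: it catches renamed executables, crude polyglots and scripted PDFs, not an exploit against the image parser itself, which is the commenter's real point.

```python
import re
import struct
import zlib

# Leading bytes ("magic") for the attachment types handled here (assumed set).
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
# PDF name tokens that attach active content to a document. Plain-text
# match only: names written with #xx hex escapes would slip past this.
PDF_ACTIVE = re.compile(rb"/(JavaScript|JS|OpenAction|Launch|AA)\b")


def declared_type(filename):
    """Type the attachment claims to be, taken from its extension."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return "jpg" if ext == "jpeg" else ext


def magic_matches(kind, data):
    return any(data.startswith(sig) for sig in MAGIC.get(kind, ()))


def png_trailing_bytes(data):
    """Walk the PNG chunk list; return how many bytes follow IEND,
    or -1 if the chunk structure is truncated or IEND never appears."""
    pos = len(MAGIC["png"][0])
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length          # length + type + payload + CRC
        if end > len(data):
            return -1
        if ctype == b"IEND":
            return len(data) - end
        pos = end
    return -1


def triage(filename, data):
    """Return a list of findings; an empty list means nothing suspicious."""
    kind = declared_type(filename)
    if not magic_matches(kind, data):
        return ["header does not match declared type %r" % kind]
    findings = []
    if kind == "png":
        extra = png_trailing_bytes(data)
        if extra < 0:
            findings.append("malformed PNG chunk structure")
        elif extra:
            findings.append("%d bytes appended after IEND" % extra)
    elif kind == "pdf":
        for name in sorted(set(PDF_ACTIVE.findall(data))):
            findings.append("PDF contains /%s" % name.decode())
    return findings


# --- constructed sample attachments (not real captures) ---------------------
def _chunk(ctype, payload):
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def make_png():
    """A valid 1x1 8-bit greyscale PNG, built from scratch."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return (MAGIC["png"][0] + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", idat) + _chunk(b"IEND", b""))


CLEAN_PNG = make_png()
PNG_WITH_PAYLOAD = CLEAN_PNG + b"MZ\x90\x00" + b"A" * 60   # payload glued on after IEND
EXE_AS_JPG = b"MZ\x90\x00\x03\x00" + b"\x00" * 32           # PE header renamed to .jpg
PDF_PLAIN = b"%PDF-1.4\n1 0 obj<</Type/Catalog>>endobj\n%%EOF\n"
PDF_WITH_JS = (b"%PDF-1.4\n1 0 obj<</Type/Catalog/OpenAction 2 0 R>>endobj\n"
               b"2 0 obj<</S/JavaScript/JS(app.alert(1))>>endobj\n%%EOF\n")

if __name__ == "__main__":
    for name, blob in [("scan.png", CLEAN_PNG), ("scan.png", PNG_WITH_PAYLOAD),
                       ("invoice.jpg", EXE_AS_JPG), ("report.pdf", PDF_PLAIN),
                       ("report.pdf", PDF_WITH_JS)]:
        print(name, triage(name, blob) or "ok")
```

Run on a mail gateway, the interesting decision is what to do with a finding: quarantining a scan from a known clinic because 64 bytes trail IEND is exactly the kind of false-positive-looking hit that deserves a second look rather than an auto-release.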

Charles 9

Re: Do we need attachments?

(Shakes head) Not practical because medical imagery is a routine attachment to medical e-mail, and some malcontents have been able to cause malware infections THROUGH graphics files. That's right. Files that aren't MEANT to have executable content (by their spec) get mangled to have and execute them anyway.

Now I'm just waiting for the malware that can pwn an e-mail program using nothing but embedded 7-bit ASCII code. Given the world we live in, I'm not holding out hope.

PS. HTML-based e-mail isn't necessarily a bad thing. A little formatting doesn't hurt, but the problem is that HTML e-mail clients throw in too much of the spec. If clients were to instead pare back their HTML e-mail parsers to a spartan subset of the language (basic formatting tags, table formatting, MAYBE support for attached graphics, and NO accessible or inline external links), then it wouldn't be such a big issue.
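One way to implement the "spartan subset" the comment above proposes, as an added example that is not part of the comment or of any mail client: a whitelist pass over incoming HTML using Python's standard-library parser. It re-emits only a fixed set of formatting and table tags, discards every attribute (so no href, style or event handler survives), drops script and style content outright, keeps link text but not the link, and allows img only when its src is a cid: reference to an attached MIME part, so nothing is fetched from outside. The tag list and the sample message are assumptions made for the example.

```python
from html import escape
from html.parser import HTMLParser

# Tags the mail client is allowed to render (assumed list for this example).
ALLOWED = {"p", "br", "div", "span", "b", "i", "u", "em", "strong",
           "h1", "h2", "h3", "ul", "ol", "li", "blockquote",
           "table", "thead", "tbody", "tr", "th", "td"}
VOID = {"br"}                                              # no closing tag
DROP_WITH_CONTENT = {"script", "style", "head", "title"}  # tag and body both go


class SpartanMailHTML(HTMLParser):
    """Re-emit only the whitelisted subset; everything else is text or gone."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self._skip = 0      # >0 while inside a drop-with-content element

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self._skip += 1
            return
        if self._skip:
            return
        if tag == "img":
            # Attached graphics only: a cid: reference to a MIME part.
            # Remote images (tracking pixels, fetch-on-open) are dropped.
            src = dict(attrs).get("src") or ""
            if src.lower().startswith("cid:"):
                self.out.append('<img src="%s">' % escape(src, quote=True))
            return
        if tag in ALLOWED:
            self.out.append("<%s>" % tag)   # attributes never survive

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self._skip = max(0, self._skip - 1)
            return
        if self._skip:
            return
        if tag in ALLOWED and tag not in VOID:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self._skip:
            self.out.append(escape(data, quote=False))


def sanitize(html):
    """Return the reduced HTML that the client would actually render."""
    parser = SpartanMailHTML()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)


# Constructed sample message: remote CSS, a script, a tracking pixel,
# an attached scan by cid:, and a phishing link with an event handler.
SAMPLE = (
    '<html><head><style>body{background:url(http://evil.example/t.gif)}</style></head>'
    '<body><p>Hi <b>Bob</b>,</p>'
    '<script>alert(1)</script>'
    '<p>Scan attached: <img src="cid:scan1@mail"> '
    '<img src="http://evil.example/track.gif?id=42"></p>'
    '<table><tr><td>Patient</td><td>Room 4</td></tr></table>'
    '<p><a href="http://evil.example/login" onclick="x()">Click here</a> to confirm</p>'
    '</body></html>'
)

if __name__ == "__main__":
    print(sanitize(SAMPLE))
```

The design choice worth noting is that the output is rebuilt from scratch rather than the input being edited in place: a tag or attribute the whitelist does not name cannot leak through because it was never copied, which is the property a "pare back the parser" approach is really after.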

Why Microsoft's Windows game plan makes us WannaCry

Charles 9

Re: It's more difficult for science

"Just you try convincing a manager in a university/hospital/research institute to replace a perfectly working instrument or PC every couple of years just to keep up with the O/S"

Simple. Just tell him it WILL break very soon if he doesn't AND that ALL the replacements have the same problem. Unless they have the resources and guts to roll their own, the words "captive market" spring to mind.

Charles 9

"A long, long while ago somebody wrote an article on an OS with default-deny as policy, where you (as admin) have to approve each and every bit of software that wanted to run/install itself on your purdy compootah."

You know Windows tried to do that with Vista, with UAC. The end result was exploits STILL going through due to a psychological phenomenon once called "hoop jumping" and now better known as "click fatigue". The problem with default-deny is that it irks users to do it over and over and over again. Make something annoying enough and people either "zombie" their way through it or find ways AROUND it.

IOW, there's just no pleasing some people. Our current situation is untenable, but so is default-deny to the average user. So what do you do?

Charles 9

Re: "Adding to the bottom line"

"If businesses still needed to run XP software (as a stop-gap until application upgrade), Microsoft provided downloadable XP emulation support in proper versions of Windows 7. VMWare and VirtualBox were also possible workarounds (for strictly limited scope use), as were RDP/Citrix if the local machine had limited RAM/Storage, so had to run a lighter secure new OS e.g. an embedded version of Windows 7 or a Linux."

But what about if the thing holding you back is the hardware, such as custom controllers that are ONLY supported up to XP (say because it uses the ISA bus, support of which was dropped in Vista), and the replacement of which is so expensive as to require the approval of the board or whatever? You can't virtualize custom hardware because the VM has no idea what's in it.

DeX Station: Samsung's Windows-killer is ready for prime time

Charles 9

Re: Why would you need a dock?

I stick with S5's and Note 4's because they were the last models to feature removable batteries. No phone without it is a hard point for me because I've personally replaced plenty of batteries from cell phones in my time. Why waste an otherwise useful phone or be held hostage to manufacturer eccentricities?

Charles 9

"Offline working isn't desirable when other team members need to work to changes you have made and vice versa."

But what if you're OFFline more often than you're ON? Say you live in a not-zone?

Charles 9

Re: ORLY?

Call me when it can do Crysis acceptably. Then it'll have the raw horsepower to get most things done, even the occasional game and encoding job. Then PCs will really become a niche item.

PS. You can't RDP to a computer that doesn't exist for you.

Charles 9

Re: Linux

On Macs, it's called the Command key (next to the Alt with the loopy symbol). It's technically different from the Win key, but Linux treats it as six of one and half a dozen of the other.

Ransomware scum have already unleashed kill-switch-free WannaCrypt variant

Charles 9

Re: So you're blaming a commercial company for not patching a 13 year old OS?

But I wonder if it's possible to MAKE it exist with something like, "This 8-figure contract will go to the first company that makes their equipment X, Y, and Z completely."

Charles 9

Re: A dish best served cold

In other words, if this REALLY were a State attack, they'd be going for the jugular: using it as an inroad to permanently borking all the hardware in the machines to make them nuke-proof.

And THEN they'd let them lie low. Perhaps remove the original vector to make things look all hunky-dory.

And then, after a while, start having the borked hardware exfiltrate useful stuff, a bit at a time, encrypted, hidden in actual traffic. Perhaps even to legitimate destinations that have been secretly subverted so they can sniff the packets out in transit or whatever.

IOW, a State attack is one you wouldn't even know it ever happened.

For now, GNU GPL is an enforceable contract, says US federal judge

Charles 9

"If some ex-Microsoft employee (and it would be an ex-employee) put GPL licensed code into Office, and a version of Microsoft containing that code were published, then Microsoft would have the choice of publishing the Office source code, or to pay whatever fine they are given for copyright infringement. Of course they would go to court and argue to keep that fine as low as possible, but they would be ordered to pay."

Whatever happened to arguing that it was not by their hand and simply removing the offending code? Otherwise, what would happen if this were to happen in the Windows kernel?

Charles 9

I thought in the modern sense the Second World represented countries on the rise: having characteristics of BOTH First and Third World countries in terms of industrialization and domestic wealth but definitely on the track FROM Third TO First. For example, would one consider China and India First World (already heavily industrialized) or Second World (in progress)?

Charles 9

Re: That doesn't matter

Doesn't have to. The Berne Convention establishes common ground for copyright law, meaning in many ways South Korean and American copyright laws will coincide, and makes all signatories respect the copyrights of all other signatories. That's what makes licensing and transferring copyrighted works (such as movies and TV shows) from country to country so complicated.

Charles 9

Re: surely the GLP is, first and foremost, about copyright, not contracts

Except we're talking a publisher, a source of copies. Now the copyRIGHT in terms of what you can and can't do in terms of MAKING copies comes into play. The defendant is less a book OWNER than a book MAKER.

Charles 9

Re: That doesn't matter

But it would be unenforceable if the country in question didn't respect the other country's copyright law. Sovereign power overruling a foreign country's law.

But the thing is, South Korea IS signatory to the Berne Convention, MAKING it enforceable.

Autonomous cars are about to do to transport what the internet did to information

Charles 9

Re: Wrong Problem

"The grocery argument against PRT is certainly one I have not seen before, but I don't really think it stands up on examination."

Then you've never seen the parking lot of your typical Walmart on Friday afternoon. There's a reason it's considered one of the worst times to go there unless you really, REALLY have to. Other dates to avoid: the 1st after midnight because military paychecks and EBT benefits drop, the 15th for military payday, and of course Black Friday.

Facebook is abusive. It's time to divorce it

Charles 9

Re: this is the best FB article Ive read in a long time

What about family whose ONLY connection to society is through Facebook because everything else costs money they can't afford (calls and SMS cost per, no e-mail, but FB free from the carrier)? And for some, cutting ties is not an option due to moral and social responsibility (a lot of the bespoke are Asians with very strong sense of family).

Charles 9

Re: A decentralised facebook

Stuff like BitTorrent is selective. People only share what they're trying to collect and what they WANT to share. What you propose is more like Freenet, which demands you keep a certain amount of storage to share. This results in constant churn that eats into data caps. Doesn't BitMessage have the same issue?

Charles 9

Re: Remember

"Chiquita. Quite possibly the world's perfect food." I've seen ads for Del Monte bananas as well, covering most of the banana market.

WannaCrypt ransomware snatches NSA exploit, fscks over Telefónica, other orgs in Spain

Charles 9

Re: Does this mean

I've mentioned this dilemma before? You either get pwned by malware or you get pwned by Microsoft. And if your software has no non-Windows alternatives, it's down to pick your poison.

Charles 9

But what if they WANT to be part of breaking the Internet...or simply don't care?

Charles 9

Re: WTF ..., WT actual F ?????

So what happens when a patch for a Cat I vulnerability broke something critical in the process, creating a dilemma because the critical machine was inoperable either way?

PC repair chap lets tech support scammer log on to his PC. His Linux PC

Charles 9

Re: The beauty of virtual machines

It's called snapshotting. You store a specific state of a virtual machine and simply revert to it each time you finish your session. Even VirtualBox has such a feature.

Mozilla to Thunderbird: You can stay here and we may give you cash, but as a couple, it's over

Charles 9

Re: It's the 21st Century: Outside of Work, Email is dead

"Sorry to hear that. I don't use Facebook, Twitter, WhatsApp &c. Period. It's not a "youth thing," it's simple common sense."

The trouble lies with your last two words. They're an oxymoron.

Uber is a taxi company, not internet, European Court of Justice advised

Charles 9

Do hire cars count as cabs for that law?

Charles 9

Oh... (blushes)

Turns out what I'm talking about is unique to my area.

But it DOES exist: http://www.appacab.us/

Charles 9

Re: Remind me again what the ex-labour cabinet are doing now?

"Rather like Turkey?

One of the better reasons for Brexit."

And that's why I say the laws in the end are just ink on a page. If you can amass enough power, you can ignore those laws and replace them with your own.

Charles 9

Re: Remind me again what the ex-labour cabinet are doing now?

Nah, you just end up with a coup as the people in power shoot the shooters and seize power to avoid being shot.

Oz MP flies crypto-kite, wants backdoors without backdoors

Charles 9

Re: Explain it sloooooooowly...

That's the RED Pill. The Blue Pill commits you back into the Matrix.

Charles 9

Re: Explain it sloooooooowly...

And if they STILL don't get it, nor does anyone else you can conceivably elect?

Could US appeals court save us all from 10 years of net neutrality yelling?

Charles 9

Re: "reduce the American life expectancy"

But there's a delicate balance. TOO MANY and you end up with dead-enders, and dead-enders, desperate for bread on the table, turn to crime. That means you need more police presence, which cost money you can't squeeze from the unemployed. Plus police may get honest streaks and turn on you. If you don't increase police presence, you're likely to get more riots and the attendant damages. Not to mention reputation problems if the crime gets more organized. Gang issues are already rampant in parts of the country; no one feels like a return to the Roarin' 20's. And then there's the whole welfare issue. That's why I mentioned Social Security.

Rich professionals could be replaced by AI, shrieks Gartner

Charles 9

Re: AI - No such thing,... yet

Then again, can you expect the same from a meatbag lawyer? That same question could stymie them unless they OWN such a vehicle. Remember, career specialists tend to be one-trick ponies. Some lawyers and doctors can't handle computers decently, so keep that in mind.

Unpaid tech contractor: 'I have to support my family. I have no money for medicines'

Charles 9

That's assuming you HAVE a war chest? What if you get hit hard right out of the gate or due to market pressures have to spend all you earn just to maintain, meaning there's nothing left to build a war chest and you can't negotiate for higher rates because then you get undercut and end up with NOTHING?

Just 99.5 million nuisance calls... and KeurBOOM! A £400K megafine

Charles 9

Re: Can't pay?

Trouble is, those with the money also know how to keep their money: mostly by finding ways around the regulations and rules. Such as changing identities or fleeing to a different sovereignty.