* Posts by fatchap

130 publicly visible posts • joined 16 Jun 2009

The truth about mystery Trojan found in space

fatchap

It really would take more than "one malicious teenager" to do this. The level of complexity in Stuxnet is truly awe inspiring.

Apple share-price-off-a-cliff: Told you that would happen

fatchap
WTF?

Reading?

Maybe learn to read?

The key word is "can", if a 1000:1 outsider comes in and you have all your money on it you will be better off than if you had invested in any low risk investment.

Of course you may lose everything but that is the definition of high risk.

Schmidt slams China as world's most prolific hacker

fatchap
WTF?

Re: Expect google to be hacked next...

Like Operation Aurora you mean? BIYF

Channel players hit the pub for Christmas... it's been a long year

fatchap
WTF?

"Now this isn’t necessarily true of every role, and it’s certainly not the case in the big name consultancies. "

It bloody was when you were there!

Google, Apple, eBay shouldn't pay taxes - people should pay taxes

fatchap
Thumb Down

while doing most of their business

That is exactly what they are doing. Buying and selling beans and building a brand are the most important elements of Starbucks' business. They are the elements that incur the biggest risk. The location where they perform those tasks is where they pay the tax.

Just because people fail to grasp how a business does business does not mean a company is somehow gaming the system.

fatchap

Re: Would raising personal taxation work?

But they can move to the most favourable jurisdiction in the EU. If there were not corporation tax in the UK then this would incentivise them to move to the UK, as that would offer a better return.

fatchap

Re: Thanks Tim!

But that negates the agility of a small company to adjust to local trends and so out-compete a multinational.

HP and Apple and Microsoft and Google were once all small companies competing with giants such as Rand, IBM and DEC. Mediocre is mediocre.

British IT consultant talks of his three years as an Iraqi hostage

fatchap

Of course not

The UK doesn't do these things, no. We let the US and their Extreme Rendition partners do it for us.

'Four horsemen' posse: This here security town needs a new sheriff

fatchap

No benefit

There is no benefit to being a CISSP unless you are actively looking for an infosec job where the recruitment is being managed by someone with little or no knowledge of infosec.

McAfee puts Barnaby Jack on car-jacking hackers' case

fatchap
FAIL

Re: Blowout != puncture

To puncture is to make a hole in something. The size does not matter. A blowout is a type of puncture.

Make life easier on campus with a simpler LAN

fatchap
Childcatcher

Someone think of the broadcast domain!

If you collapse these layers you end up with a massive broadcast domain and so you will be smashing your access to core links with ARP packets and the like. A really bad use of those links.

This article is just terrible. Has the guy who wrote it ever seen cat 5 cable?

fatchap
FAIL

Someone explain why a rise in wireless access increases the number of ports needed?

Multiple wireless devices connect to an access point that covers an area and only uses a single port. Wireless actually reduces the number of ports.

Scotland Yard collars seventh computer-hack suspect

fatchap
Devil

Re: Congratulations! - You're in the final of Cyber Security Challenge

Well they got caught so they can't be that good!

Olympics security cockup down to software errors - report

fatchap
Big Brother

Re: On a slightly different tack

Why would you? The folks doing the guarding would then have to be transported to and from the grounds at a time when public transport is being stretched to the limits, there is no parking at the grounds and you have not been able to hire a coach in London during Olympic fortnight for the last 4 years. Hiring around the East End is the only option, which means you are fishing from a very shallow pool.

Security fail for Apple as hacker cracks iOS in-app purchasing

fatchap
FAIL

Security Fail

For anyone who thinks giving a Russian guy with very low morals when it comes to allocation of funds their username, password and potentially payment info!

How to screw LIBOR and alienate people

fatchap

Re: The curious thing about all this..

Although thinking about it if I honestly make a false representation I am free. So if I say "I don't think this is true but if it was would you lower the price" I am not committing fraud. So if I make my Libor return and "say we know this is not the correct figure but it is close because by its very nature it is a flawed calculation" is that still fraud?

fatchap

Re: The curious thing about all this..

Well technically they could have done. But they had to do when they agreed the deal. Caveat Emptor surely?

Why choose to base my deal on something that relies on the honesty and integrity of those who may have a vested interest in manipulating it. It is not right if they do then manipulate it but I can hardly claim that I have no choice in doing the deal.

fatchap

Re: The curious thing about all this..

I stand corrected

fatchap

Re: The curious thing about all this..

Isn't the analogy more like when you went to buy a car you said to the sales guy that a competitor was doing it cheaper and so convinced them to drop their sales price a bit. The fact that nobody had offered it to you cheaper is beside the point. It is not fraudulent to say that someone else is doing a better deal than they are.

Microsoft's $1bn Yammer gobble gabble blabbed by insiders

fatchap
Meh

Re: Eh?

My employer network has just under 5k people Yammering. We are pretty good at self-policing to make sure nothing too sensitive is posted.

I have had clients who wanted to block it and another who has in excess of 10k users.

I don't think either have opted to pay for the enhanced features so really not sure that the Freemium model works well enough to validate a $1bn price tag.

Tomb Raider dev denies Croft rape scene

fatchap
Childcatcher

Re: Disgusted.

Yes because films like "The Accused" are equally objectifying, is it just because of the media that message must be puerile?

If the game is marketed towards adults then I don't see why it should not have a grown up theme like abuse and how that may affect someone's decision making and the horrific effects these events can have. I am sure Cheryl Araujo would be thrilled that her terrible experiences were made into a critically acclaimed and moving film to pander to dateless 15 year olds.

Until I have heard that there is a complete version I will refrain from commenting in such a "someone think of the children" type way. Even if I fear you may be sadly right in the end.

'Super-powerful' Flame worm actually boring bloatware

fatchap
WTF?

Re: DNS Flux

You do know that it is possible to use a registrar that is outside your local vicinity right? Also that there are things like credit card fraud so the person of record on the 1000s of domains may not actually be the perpetrator?

It is one of the reasons that RIPA and Patriot act are pretty much useless in this regard.

fatchap
Boffin

DNS Flux

Pretty simple you programmatically create more almost random strings as domain names and automatically register them as your bot farm switches between them.

You register these domains under false names with less than stellar domain registries and keep the records pointing at a number of servers you have already compromised and can retrieve your information from at leisure. You access them through a string of other proxies and a tor network and hey presto you can go about these things relatively undetected. Especially if some of the hosts are in jurisdictions that don't play nice with western governments when they are investigating.

See here for what other internet randoms say about it: http://en.wikipedia.org/wiki/Fast_flux

Stuxnet ≠ cyberwar, says US Army Cyber Command officer

fatchap
FAIL

Re: Steps required to prevent "cyber attacks"

Soooooo. How do you suggest we monitor or manage these important things? Dedicated Leased Lines?

Tech City hailed as saviour of THE ENTIRE PLANET

fatchap
WTF?

Re: Turning off servers at 6:30?

I have never understood this attitude. If I want to respond to emails when I am not at work why shouldn't I? I feel like working 20 hours a day who are you to tell me not to?

I would rather be measured on results than the time I work to deliver them. The fact that my employer allows me to work in a way that suits me rather than shoehorning everything into 8hrs from 9-5 means in my mind they are doing something very right.

If others want to work less hard, take holidays and relax that is fine, but they will be left in my wake as I produce more so they had better not complain about that as well. Why should I drop to the lowest common denominator's level of productivity?

UK2.NET smashed offline by '10-million-strong' botnet

fatchap

Re: Huge attack!

"However, more scary in either case would be that UK2 have links to the Internet through people who don't remove spoofed addresses." That is the Internet isn't it?

How would you know that an address was spoofed? As long as it was not RFC1918 or from an unassigned block it could be legitimate.

Too small to fail: Obama signs Nontrepreneurs Act

fatchap
FAIL

Re: Why have rules - we still get Enron, Bank implosions, and more

Utter, utter Bollocks. All SOx is saying firms should do is understand what their business is and have some assurance that the figures they present to the market are accurate.

What has cost a load of money is idiots like you massively inflating the requirements and so allowing charlatans to make a massive amount of money on the FUD surrounding it.

Google shows off Project Glass augmented reality specs

fatchap

Re: texting while driving

You could but then your glasses would not be syncing up with your car to plot the most advertising efficient I mean fuel efficient way of getting to where you want to go.

Record-breaking laser pulse boosts fusion power hopes

fatchap
WTF?

Re: K.I.S.S.

Name one form of renewable power generation that, with current technology, can be built and used locally to the point where it can exclude the need for non-renewables?

Hacktivists nicked more data than CYBER-CROOKS in 2011

fatchap

Re: umm

Yes.

Also the source of the report is "based on first-hand evidence collected during paid external forensic investigations conducted by Verizon from 2004 to 2011". Companies who think a phone company are best placed to help with a breach are also most likely to be the low hanging fruit a bunch of opportunists like Anonymous would go for.

You cannot correctly extrapolate from this data set to the conclusions without massive assumptions.

Hello? You'll never guess where I am ... I'm under a ferry

fatchap
Joke

HELLO!

I'M ON THE TRAIN... NO IT'S SH1T!

Younger generation taking 'sledgehammer' to security

fatchap

Re: What bollox

No there are two sources. I looked something up on wikipedia and cut and paste it so did my mate. We then checked our answers against each other and only if they matched do we submit them.

The cyber-weapons paradox: 'They're not that dangerous'

fatchap
Thumb Up

Re: PR Fail

The exact analogy that occurred to me.

fatchap
FAIL

Re: Re: Is SCADA particularly difficult?

The problem is there is no barrier to entry to becoming an expert on sewage systems, power generation or one of many other SCADA scenarios other than intelligence and motivation to learn. If you are planning on launching a proper nation state vs nation state military action you normally have these both in spades.

The assertion that we only therefore have to care about malicious insiders should be suffixed with a coda of “or anyone else able and willing to gain a similar level of knowledge”. Which suddenly increases the threat actors from a few people per site to well funded intelligence agencies with an appetite to launch these types of attack.

So the threat of damage in a cyber war is low apart from the threat of those capable of actually starting a cyber war.

Security biz scoffs at Apple's anti-Trojan Gatekeeper

fatchap
Facepalm

Re: Protecting...

How do you know you have no Trojans?

Is that not the point of a Trojan that you don't know it is there until it is too late? Perhaps you have never connected it to a network or used any sort of disk, is the Mac still in its box?

Euro data protection: Great for punters, not for biz - MoJ wonk

fatchap
Joke

Re: The rules of hierarchy

you say all that like it is a bad thing

Whistleblower: Decade-long Nortel hack 'traced to China'

fatchap

Re: Typical example

You have a better chance doing it with the right COTS stuff properly configured and well managed than you do starting out and doing it all through home brew kit.

If however you mean deploying stuff because it has a shiny brochure and the salesman told me it would make me sure you are probably correct; it will never work.

fatchap
FAIL

Re: So...

So what makes you think that when they change it the intruders' software does not just send out the new password?

Not using 2FA for sensitive stuff fail I'll grant you.

Microsoft code not the security sieve sysadmins should be worried about

fatchap
FAIL

Firewall????

A firewall really does not mitigate these threats. If a user's PC is attempting to pass traffic out from the network through the firewall they will nearly always allow the traffic through. I suggest you google spear phishing and rethink your assertion.

Comet sheds 450 jobs in biz survival struggle

fatchap
FAIL

Long term?

Because nothing says long term business like a bricks and mortar electronics retailer?

How's Cameron's favourite Shoreditch startup doing? Oh.

fatchap

These days????

Simple fact is very few ever actually became a success. That is the nature of start-up business I am afraid.

David Cameron gets custom prime-ministering iPad app

fatchap
Boffin

So how does this whole computing malarkey work if there is no storage involved? Totally cashless computing at every step of the way, that may take more than 3 months to bash out!

Hidden Dragon: The Chinese cyber menace

fatchap
FAIL

Commercial

Unless you are more important than I think why on earth would professional hackers interested in IP and commercially sensitive data attack your home PC?

Tax dept staff are HM's biggest e-learners

fatchap
WTF?

how do you get to 615,000 staff? Perhaps you did not look up from your Daily Mail long enough to read the article properly.

Not saying HMRC is anything less than a shower of absolute toss that could not be replaced by a trained team of monkeys but at least get the maths right when ranting.

Boffins: Japan was hit by 'double-wave' tsunami

fatchap
Black Helicopters

The satellites just happened to be there? Not at all caused as part of an experiment going disastrously wrong then.

Victorian Ombudsman whacks state’s IT spending

fatchap
Thumb Down

Victorian

I was hoping for a stern man in a stove-pipe hat and monocle examining the last government's projects and deciding that they all should be transported.

Hypersonic missile successfully hits Ronald Reagan

fatchap
FAIL

Unless of course the launch of the cruise missile is broadcast live on CNN then they are observed by at least three people.

The point is of course that if people bricked themselves over Tomahawk launches as they do over ICBMs they may well pay more attention to them, for some reason ICBMs seem to capture the imagination more.

IBM reveals secrets of Watson’s Jeopardy triumph

fatchap
Headmaster

Have you ever watched Jeopardy? The point is that Alex gives you the answer and you have to give him the question.

The point is the answer to the question "what is Chicago?" is not "Its largest airport was named for a World War II hero; its second largest, for a World War II battle"

If the jeopardy question was "A city whose largest airport was named for a World War II hero; its second largest, for a World War II battle" then the question might be "What is Chicago?".

How to make clouds and influence accountants

fatchap
WTF?

Lifetime of asset

Not really, the reason why most people prefer mortgages is that they think the asset will be worth something when they have paid off the debt. This is not the case for an IT asset where it will likely be worth next to SFA after a couple of years.
