Posts by djack

Almost certainly not B&N If you ask me.

To keep up the faux mystery .. If you add an 's' onto the end of the name of a big London law firm you get the name of a big UK bookseller.

Re: I'll wait and see

Did he?

The wording of the reports I saw on the matter simply said he didn't rule-out resigning, which is quite a step from actually offering to.

Re: Avoid suspicious emails and links :o

Agreed, the only two classes of organisation network that is up there with councils are police and hospitals. They have a frightening amount of niche applications and hardware.

I think the aspect of failure that most people should be more concerned about isn't the cost of repair or maintenance of redundant systems, but the cost of actual failure when in use. If the brakes fail in a car at 70mph, I wouldn't be congratulating myself on saving a few quid on not having a redundant system.

Re: So tell me sir...

Reporting what you genuinely believe to be a crime is not a crime. If he knew it was a prank that would be a different matter but there's no indication of that.

Re: It’s unclear if the AI failed to perform as hoped, or...

Reminds me of my recent attempt to navigate Barclaycard's IVR to confirm that they had spotted a fraudulent charge. Whoever programmed it was convinced that everyone just calls it to get their balance, or that anything else can be dealt with by sending them a message that they'll get around to looking at after a few days. I went through many menus pressing the option that wasn't "check your balance" and answering security questions....

It then told me my balance.

I understand (I don't run a Matix service so can't say for sure) that the upgrade of each 'room' version can be fiddly.

Re: Corporate fines ...

It should be a significant percent of revenue or value of the company (there's a reason that many companies actually take GDPR much more seriously than other countries).

Then after a period unpaid (or repeat offences) it should get personal - immediate arrest and detainment of board members until compliance. I had been thinking of this for a while, but France proved it works with Telegram.

Re: I am surprised

When continual monitoring is done for compliance reasons, that data is (where done right) kept elsewhere and under lock and key, and quite often with an entirely separate IT team looking after that area of technology. In those organisations such data is explicitly NOT stored all over the place where anybody can get to it. Those compliance teams will be having nightmares, not wet dreams about this.

Re: muscle memory

Middle click to copy and paste the selection has been a unixy standard function for a loooooong time. Incredibly useful too, not only for time saving but you end up with two easily accessible clipboards (CTRL-C .. CTRL-V and middle click can contain different things so you have so much more flexibility). Complaining about that is on a par with complaining about the use of '/' instead of '\'

Re: Cost models were/are crazy

Not just Terraform. We use Vault for PKI and secrets storage in an environment for a small team. I went looking for pricing, but there was no affordable option for a small business. I would imagine that if they had something between the free and megacorp price thresholds then they might be a bit more profitable.

I have the opposite problem. often the phone says it is connected, but it sure as hell ain't anywhere on the car.

Re: How can be…

You only actually need the phone for initial registration. Signal send a single SMS for 'verification'. After that, as long as whatever client you are using doesn't lose it's authentication data, you don't need to touch or use the phone again.

Re: Rust?

Ot the perl module Lingua::Romana::Perligata:

i now have the sudden urge to try and learn Latin

Re: "However, this largely feels moot as the keyboard itself uses two USB ports."

Why does a keyboard require two USB ports?

The second connection is for the port on the keyboard. Basically just acts as an extension. You don't need to plug in both plugs if you just want to use it as a keyboard.

No idea why they didn't just build in a USB hub into the keyboard.

Re: Compliance....

Sadly not.

Buying foreign currency is classed as a cash advance as far as credit cards go.

That means you pay a charge on the transaction and the money is subject to interest charges immediately (unlike normal purchases which only accrue interest after the current statement period).

I learned this the hard way.

I usually start whispering in an attempt to get them to turn up the speaker volume at their end before suddenly unleashing the deafening noise.

Re: Giving the vendors a choice will give the users a choice

If you have enough knowledge about firewalls and how the Mikrotik works, it is a great bit of kit, but for the average user the default configuation leaves a lot to be desired.

It is quite obvious that Mikrotik devices are not aimed or marketed at the average home user. It's quite obvious from the feature-set, UI and documentation that these devices are aimed at networking professionals who should be expected to be able to secure their own stuff. I wouldn't recommend Mikrotik kit to Joe Average for the same reason I wouldn't recommend Cisco, Checkpoint, Juniper etc. etc.

However, for those that can handle them, they provide huge capability for the price.

That said, there's no need for insecure by default.

Re: @marcus - Vulnerability is overstated

What complete idiot implements remote access in a consumer firewall ?

I wouldn't call Mikrotik a consumer firewall. They are squarely aimed at the semi-pro through to carrier market segments.

Re: We've asked the Information Commissioner's Office to confirm it is aware of the issue. ®

PlusNet store your password in plain text

.. or at least encrypted in a reversible fashion.

Whilst this is not best practise for storing credentials, the PPPoE layer uses CHAP authentication. I've not kept up with PPP authentication methods but a few years ago at least, the options were send in clear, some sort of CHAP variant (where the server needs to know your credential in clear) or something proprietary that will restrict the type of router you can use. At this layer, they are making the best of a bad set of options.

and will email it out to you

This is where it all falls down though. They use the same credential store for access to manage your account and has accessible mechanisms to discover it. To my mind, they should be making every effort to make the credential store a 'write only' system.

Re: 'It's not clear whether he also has a FB account or whether he's a non-account'

The 'service' is not being provided to the individual, it's being provided to advertisers.

Hence they have no defence of it being stored as an essential part of the service to the subject.

Re: Actually...

.. or if you use letsencrypt as the CA, which the mention of certbot seems to be advocating even if it's not explicitly mentioned in the text.

it's not difficult to do, even without an updated version of certbot.

I had that same situation. It is likely a 'problem' with the configuration or provisioning of your SIM. I also thought it was because I was using a non-network phone. However, the last time I bought a new handset I needed to migrate to a nano sim. I made the mistake of getting a replacement sim (free and pretty much instant process in the local store). Ever since then it has been properly registering 'tethered' traffic.

Re: F1 is a Car Crash

They do need to sort out the media rights again. Hopefully something more along the lines of what Formula E are doing

.. giving it to a broadcaster that does not care about it enough to show it consistently. You have to play guess the channel does not lead to audience retention. Will the next race be on Five, will it be Spike or will they find some other channel to dump it on.

their emphasis seems to be on fan engagement and large audiences.

Fanboost needs to die in a fire. Having a popularity contest contribute directly to the available power a driver has isn't racing. Sam Bird is at a massive disadvantage, I reckon most Brit racing fans are traditionalists so he never wins the vote yet he still brings home the points.

An next year's Formula E car looks like something straight out of the Hot Wheels factory

yep, the Gen2 car looks hot hot hot. They actually designed in the halo instead of just plonking it on top like a pile of scaffolding.

I love F1, i also love FE. I don't understand the "it's slower" argument. The cars in an F1 race are going slower than in Qualy yet you don't say there's no point in watching the race. The enjoyment in the race is in watching the drivers getting very close to each other indeed and battling to get past/stay ahead through corners. there's typically much more of that in FE than there is in f1 nowadays. That said, both series were blessed with cracking races this past weekend.

Re: Note to Nvidia

Why is it 'abuse' anyways? and why is one type of 'abuse' a licensing issue an another ain't?

if I decided to massively overclock a card, push 1KV where it's expecting 5V or dissolve the thing in acid, that can be construed as 'abuse' of the card but no-one is gonna come round and try and sue me for doing so, the worst that would happen is laughter if I tried to claim a replacement under warranty.

Consumer cards aren't designed to be run at full power 24x7. OK, state that and state that it's not covered by warranty if it breaks, that should be the beginning and the end of ir.

Re: Don't open unexpected attachments

Malware can harm a company even without elevated privileges. Even if everything a user has access to is regularly backed up, a ransomware attack can still cause great disruption and expense.

Whilst there are gateway systems that can extract all "non-active" content from incoming files and just deliver that, they are not perfect, can throw away important content and are currently insanely expensive. Until that sort of system is perfected and commonplace, this sort of attack vector is going to be a massive risk.

Although we don't expect normal staff to "be" security guards, we expect them to not open the fire exit doors because some randomer wants to be let into the building. (That said, we all know that people hold open access doors for unknowns far too often) A bit of awareness is not an unreasonable thing to ask. Yes, mistakes will happen from time to time but "don't click links or attachments in unexpected emails" and awareness that emails may not be from who they say they are should not be difficult concepts for anyone performing pretty much any task in an organisation.

Re: spoilerific

No, that's the gerbil out of g-force it's part of the Disney Cinematic Universe now, Kermit the Frog's in episode 9 in a role not dissimilar to Yoda, "here, hi-ho, Kermit the frog I am".

Surely it'd have to be Miss Piggy as Yoda.

Re: Tight squeeze

dont forget swears constantly and hurls abuse at everyone else in the game

Why does that make them unfit? You could almost believe that the team radio conversations are in morse code!

Re: Farewell Sonos

If you did own a Sonos I wonder if changing the T&Cs to something you no longer agree with provides a case for you to return the goods for a full refund?

I don't believe that anyone managed it when Sony released a firmware update that removed functionality from the PS3.

IIRC, they used a similar sort of language as Sonos in that if you wanted to keep the OtherOS function, you simply didn't have to install the (unremovable) update. Though in reality if you wanted to play any games released after that, you had to install the 'optional' update.

Re: Round these parts ...

Neither, we blame the weather.

Re: Poweredge T20?

Hmm.

Mine is still well within its warranty period, so there's absolutely no way it should be unsupported.

Re: PANIC!!!!!!!!!! :-)

That test looks flawed to me.

AMT sits between the physical ethernet controller and the os.

127.0.0.1 only represents the visual lo loop back device and therefore goes nowhere near the network hardware. Even doing that to the ip address assigned to your nic wouldn't work as the kernel would know that it doesn't need to send across the network.

Try it from another host on your network towards your i7 and you will get more accurate results.

Re: WindRiver?

There is no licensing issue. GrSecurity's kernel are license under GPLv2 which specifically allows the recipient to re-distribute.

However, you are not obliged to re-distribute and nor are grSecurity obliged to do business with you, so if they find that you have distributed the kernel they are entirely within their right to refuse to give you their next version.

The use of the grSecurity trademark is a different matter and I suppose the usage of it depends on what they are claiming in the associated documentation.

Re: fortunately 3 do reasonable all you can eat data packages

It actually seems to be done via the SIM or network.

For whatever reason, they used to be unable to differentiate between my tethered and non-tethered traffic. I changed phone (direct from manufacturer, not from three) and realised I needed a nano SIM. Not having one of those hoe-punch style things to hand, I went to the local store where a helpful chap swapped my SIM out for free.

Result : my tethered traffic is now registering as being tethered - on the new phone and the old - no special firmware required. I can only guess that my previous SIM wasn't provisioned correctly.

As a long-term customer who doesn't (often) take the mick with the unlimited data, I enjoy a very significant discount on the unlimited service. they've bumped me off my old plan the other month but as it was the first price increase in about five or six years for me I'm not too aggrieved.

Re: @GingerOne

I would be very angry if any customer I looked after had had their details leaked knowing what could be on the way after such a breach of information.

if I were a Solarwinds customer in this case, I'd be worried what level of legal liability I would have to my customers if their data was involved in this.

Re: Everybody who wants one, got one

For example, I am typing this on my Nexus 10, which is getting to be close to 5 years old. However, it still works fine, and anything mid-range I could get to replace it won't be an improvement in terms of the screen quality, which is the crifical requirement for me.

I also have a nexus10 though sadly the battery is on it's way out, after a couple of hours usage the thing just dies with very little warning ((battery monitor would be 60-70% not long beforehand). It has also started to feel a bit sluggish.

Totally agree that there seems to be nothing at a reasonable price that comes close to the screen quality - I almost wish I hadn't got used to the Nexus as then what's available now would seem like an upgrade.

Re: For the sake of argument...

If it was a legitimate medical image, why is it taken on his personal phone, not on a hospital/surgical system?