Posts by TrevorH

107 posts • joined 22 Sep 2009


DDoSers take weekend off only to resume campaign against UK's Voipfone on Monday


Re: Annoying...

Unfortunately they use a botnet which is not just Russian, it's worldwide.


Re: this is what happens when you don't enforce authentication

So how do you authenticate when the pipe connecting you to the internet is so full of random data that the real stuff cannot get through? Your grasp of what a DDoS attack actually does and how it operates seems to be not very aligned with reality. You cannot protect against a DDoS attack once the packets from it arrive at your endpoint. It's already too late.


And that would help against a DDoS how?

Twitter's machine learning algorithms amplify tweets from right-wing politicians over those on the left


It's that Russian Troll farm liking posts most likely to lead to the demise of democracy...

Unhappy customers and their own tricks used against them, REvil ransomware gang reportedly pulled offline by 'multi-country' operations


After Kaseya it appears that REvil got out of the ransomware business. If the recent attacks on VoIP infrastructure are to be believed they've moved into plain extortion instead - "Send us 10 BTC or we will DDoS your business to death".

Thunderbird 91 lands: Now native on Apple Silicon, swaps 'master' for 'primary' password, and more


Re: More like Chunderbird, amirite?

The usual nickname for it is Thunderturd


Re: Primary?

s/A Master Password protects all/An overall password protects all/

Ubuntu, Wikimedia jump ship to the Libera Chat IRC network after Freenode channel confiscations



ASUS baffles customer by telling them thermal pad thickness is proprietary


> Savvy users often clean the surface with some high-strength isopropyl alcohol to remove debris and ensure peak effectiveness.

Here's a warning for those of you who have a bottle of 99.x% pure isopropyl alcohol. If it's over about 5 years old, get rid of it. I speak from experience, very bad experience :-( I had a bottle of it that fell into my pocket at a $dayjob nearly 40 years ago and I just finished it up and found the bottle rattled. Tipped it out into a pyrex glass ashtray and it was a small crystal, probably no more than 4x4x1mm, poked it with a metal stick and BOOM! Loudest single noise I have ever heard. My hearing cut out about 1/10th of the way through the B in BOOM! and was followed by a ringing so loud I tried to cover my ears with my hands, I can only hear about 80% of what I could before. Shattered the glass ashtray into several large pieces and left a pile of powdered glass on the table. Left me completely deaf for at least 4 hours and recovered only gradually and is almost certainly never coming back. Went to A&E and they tell me my eardrums are still in one piece though I'm not sure I believe them.

Apparently isopropyl alcohol forms peroxides over time and these are extremely unstable.

Freenode IRC staff resign en masse, unhappy about new management


Re: Looks like I will be dumping PIA then..

I don't think they need to merge with OFTC. According to https://twitter.com/TwitchiH/status/1395350831805894659 libera.chat is already the 6th largest IRC presence on the internet and scheduled to pass OFTC in the next few days. Effectively libera is freenode by another name since it has the same staff and many of the same sponsors have already given them new servers.

Apple sent my data to the FBI, says boss of controversial research paper trove Sci-Hub


Wouldn't a genuine email say "from the Federal Bureau of Investigation" not just "from Federal Bureau of Investigation"?

'Chinese wall'? Who uses 'Chinese wall'? Well, IBM did, and it actually means 'firewall'


Having been a white hat hacker, I think I find being called "offensive" more offensive than any negative correlation of the existing name. Besides an "offensive security researcher" sounds more like someone trying to do damage than not. Perhaps a "defensive security researcher" would be better.

Also, from what I remember the terms white hat and black hat don't have racial origins at all, they come from the old Hollywood westerns where the good guys wore white hats and the bad guys wore black hats. Both sides were almost always white men.

What's in Fedora 34? GNOME 40, accelerated Wayland, PipeWire Audio, improved Flatpak support, and more


'scuse me?

Fedora is aiming to make the Flatpak format the "primary packaging format that Fedora users consume their applications in,..."

The unanswered question at CentOS community Q&A: How can we trust you now?


This had nothing to do with IBM. Red Hat are quite capable and willing to shoot their own feet.


Re: Are people sure they get what Stream is?

The downside that you are missing is that with the old style CentOS, you could plan for a point release coming along and including new things that would break your system. So you knew when to watch out for breaking changes and could plan for them. In the new scheme of things you will now get breaking changes whenever Red Hat feel like pushing them.


Plus the CentOS board have no power to make any decisions about it at all so their "It's hard to predict the future" really translates as "we do what we're told".

The majority of CentOS board members are Red Hat employees and most of them, if not all of them, are nowhere near the C-level execs needed to make such decisions. Some others are not RH employees but when the vote goes 7:2 (or whatever) it's not hard to know who voted where...

Did anyone tell Logitech about lockdown? Biz launches pricey video chat kit for office conference rooms and 'huddle spaces'


Aren't huddle spaces what were in use on Jan 6th in the Capitol?

Red Hat defends its CentOS decision, claims Stream version can cover '95% of current user workloads'


> "the CentOS Board signed on to it."

In the same way that a hijacked plane pilot signs on to going to Cuba...

CentOS project changes focus, no more rebuild of Red Hat Enterprise Linux – you'll have to flow with the Stream


"Changes focus". What weasel words. Red Hat pulled the plug on the project despite all their promises in 2014 about not interfering with the project and it being a safe home for it.

Linux kernel maintainers tear Paragon a new one after firm submits read-write NTFS driver in 27,000 lines of code


There has been read/write support for NTFS in Linux for years. It's a FUSE-based filesystem, sure, but it works.

Microsoft confirms pursuit of TikTok after Satya Nadella chats to Donald Trump


Microsoft Teens...

I thought it was already decided that it would be renamed Microsoft Teens...

From a trickle to an Application Stream: Red Hat opens barriers for RHEL 8.3 beta


I've not used the 8.3 beta installer but it looks like they just moved the user creation bit into the stuff that has to be filled in before the install can start. If it's like it was before this change, when you got to fill it in at your leisure while the install was running, then setting the root password is mandatory but the user creation is optional. If you look at the text it does actually say "No user will be created".

Amazon staffer based just a stone's throw away from Seattle HQ tests positive for COVID-19 coronavirus


Plus mortality rate at present is being estimated assuming that we have a functional health care system. If 20% of the population go down with this at once and 4% of those fall into the "critical" category then we're talking about more than 500,000 people in the UK needing ICU treatment at any one time. That still leaves the 15% with "severe" symptoms to fend for themselves at home. Better hope that you're one of the 81% with only "mild" (whatever those are!) symptoms.

Would-be .org gobbler Ethos Capital promises to keep prices down in last-ditch effort to keep $1.1bn deal alive


10% per year for 8 years means that they "only" double the price (plus a bit more).

Startup Mycroft AI declares it will fight 'patent troll' tooth and nail after its Linux voice-assistant attracts lawsuit


Pretty sure that Amazon & Google have a vested interest in this sort of thing.

Alexa, find me a patent troll

No Motorola Razr comeback orders in 2019: Costly foldy nostalgia mobe pulled back


"with just 6GB of RAM and 128GB"

That's 384 times as much RAM and 650 times as much storage as the first mainframe computer that I worked on and that ran the entire UK network for a very large insurance company.

Radio nerd who sipped NHS pager messages then streamed them via webcam may have committed a crime


> "to make the content of the communication available to someone who is neither sender nor recipient"

Under that clause, is it not the responsibility of the NHS trust in question since it is them that are making the content of the communication system available by broadcasting it in plain text in the first place?

Fairytale for 2019: GNOME to battle a patent troll in court


How can they have a patent dated 2018 about this? Surely there is prior art and history showing it's already been done.

Virgin Media promises speeds of 1Gbps to 15 million homes – all without full fibre


Have they fixed their crappy "superhub v3" so that it actually works yet? The one with the dodgy Intel chipset.

London's Metropolitan Police arrest Julian Assange


Re: International Law

Assange was never a refugee. A fugitive from justice, maybe. Refugee, no.


> Just yesterday his news leak org claimed that blackmailers had threatened to reveal "sexual" things alongside other details of Assange’s life inside the embassy; the group claimed that miscreants were trying to squeeze €3m out of it.

You mean he got one of those emails saying "I caught you in front of your computer and your password is 'password'"?

Well Holby damned! We've caught a virus: Brit medical soap operas team up for 'cyber' episode


Shouldn't it be that the outbreak is magically stopped by a malware author turned security researcher...

Awkward... Revealed Facebook emails show plans for data slurping, selling access to addicts' info, crafty PR spinning


Yes, they really seized them


TL;DR: "Rarely used parliamentary powers were used to demand that the boss of a US software firm hand over the details." and "In a highly unusual move the House of Commons serjeant-at-arms was sent to the businessman's hotel and he was given a final warning and a two-hour deadline to comply with the order."

Linux kernel 'give me root, now' security hole sighted, dubbed 'Mutagen Astronomy'


Fixed in kernel-3.10.0-862.14.4.el7

World's oldest URL – fragments 73,000 years old – discovered in cave


From the extrapolated drawing seen in "b", it's perfectly obvious that this is actually the stone that used to sit in the original estate agent's window and is advertising a teepee for sale. One careful owner, all mod cons including a central fireplace...

Fix for July's Spectre-like bug is breaking some supers


The bug is already identified and a fix has been provided (unofficially) for CentOS. The CentOS bug report for this is https://bugs.centos.org//view.php?id=15193 and the fixed version is on https://buildlogs.centos.org/c7.1804.u.x86_64/kernel/20180820114938/3.10.0-862.11.6.el7.bug15193.x86_64/ and the fix has also been incorporated into the latest CentOS plus kernel kernel-plus-3.10.0-862.11.6.el7.centos.plus.1.x86_64.rpm

Home Office seeks Brexit tech boss – but doesn't splash the cash


So.... interviews at the start of October, by the time they've interviewed the candidates and made their decision and had an offer accepted it'll be at least the end of October. Wait 3 months for them to resign and be released from their current job and they'd be starting around Feb 2019 and this all has to be up and running by March. So start in Feb, fired in March. Good job!

Why the fsck has this person not been in place since June 24th 2016?

Batten down the ports: Linux networking bug SegmentSmack could remotely crash systems


> Most enterprise-grade Linux distributions do not yet use kernel 4.9 or above so aren't immediately affected.

Unfortunately not true. Red Hat have a page https://access.redhat.com/articles/3553061 that says that RHEL6 and 7 and even 5 (which is quite dead) are all affected by this bug.

Scam alert: No, hackers don't have webcam vids of you enjoying p0rno. Don't give them any $$s


I've had two of these mails in the last 3 days and both told me that my password was 'changeme' which, to the best of my knowledge, is not one I've ever used anywhere for anything. I vaguely recall it used to be the default password for some Java key store as delivered from Sun/Oracle but it's certainly not one I'd choose to use (much too complicated, mine are all 'password', honest). They can send me as many as they want but since I already know I've never been anywhere near an adult site and most likely never will, I'm not likely to be paying anyone anything.

Europe's scheme to build exascale capability on homegrown hardware is ludicrous fantasy


> So EU, find the cash, somehow, give it to Atos


(An ex-ATOS employee)

Indiegogo lawyer asks ZX Spectrum reboot firm: Where's the cash?


Who'd keep half a million squid in a PayPal account? I get worried if I have a fiver in mine!

If you're a Fedora fanboi, this latest release might break your heart a little


> Linux tip: Avoid Nvidia graphics cards if possible

Really? That may have been true about 10 years ago but these days they pretty much just work. Besides, the main alternative would be AMD and theirs are far far worse.

Monday: Intel defector touts Arm server chip. Wednesday: Intel shows off new server chips


Or perhaps the news release has to do with the leaks... https://www.anandtech.com/show/12387/skylaked-creeps-out-on-intels-price-list

EE Business Broadband digital transformation: Portal offline until July


Code review?

Someone did a code review and discovered it leaked like a sieve and was unfixable?

El Reg assesses crypto of UK banks: Who gets to wear the dunce cap?


What happened to Nationwide?

Why are we disappointed with the best streaming media box on the market?



Didn't that ship sail about 5 years ago with no-one on board?

Fore! PCI Express 4.0 finally lands on Earth


El Reg left hand, meet right hand...


Huge ransomware outbreak spreads in Ukraine and beyond


So let's get this straight, this exploits the same vulnerabilities as the last one that made headlines all over the world and crippled various organisations and yet, some people still didn't patch against it?

sympathy-o-meter firmly pegged on 0 here.

'OK, everyone. Stop typing, this software is DONE,' said no one ever


CentOS 6 is in production phase 3

So... yes, CentOS 6 is "supported" until 2020 but the upstream RHEL that it's based on and receives all its patches from went into what Red Hat call "Production Phase 3" on May 10th 2017. That means that only security vulnerabilities that Red Hat class as "critical" will now be fixed. Anything that's merely "important" or less gets patched if they feel like it and judging by the things that _didn't_ get fixed in RHEL5 once that reached PP3, that's going to mean that CentOS 6 gets less and less secure over the next 2.5 years until it goes EOL.

Canonical sharpens post-Unity axe for 80-plus Ubuntu spinners


All this stuff about not rebooting when there's a kernel update. Without the reboot you're still running the old, potentially exploitable kernel. But who needs security anyway, eh.


