* Posts by Mookster

115 posts • joined 4 Oct 2009

Page:

As Brit cyber-spies drop 'whitelist' and 'blacklist', tech boss says: If you’re thinking about getting in touch saying this is political correctness gone mad, don’t bother

Mookster

Gandalf is confused

very confused.

Amazon settles for $11m with workers in unpaid bag-search wait lawsuit

Mookster
IT Angle

Re: Who would work there?

Anyone who works in a supermarket.... there was always a clause that they *could* search your bags. Every now and again, they did it to remind that they could.

If you're wondering how Brit cops' live suspect-hunting facial-recog is going, it's cruising at 88% false positives

Mookster
Headmaster

It's not as if this is an exact science. Each comparison generates a score. It depends on the configured thresholds how high a score is needed to give a "hit"

Are you who you say you are, sir? You are? That's all fine then

Mookster
Thumb Up

Card machine not working -> Free Breakfast

Once happened to me at a bakery in Oslo. Everyone in the queue got their purchases for free

Ohio state's top legal eagle just made it harder for the FBI, ICE, cops to snoop around its DMV DB for people's faces

Mookster
Big Brother

There are searches, and then there are searches. 1:N search of a face against the DMV would require the DMV to be using an ABIS system, which only has one purpose. The article tries to imply this, but....

Not very Suprema: Biometric access biz bares 27 million records and plaintext admin creds

Mookster

Re: Storing fingerprints in clear-text?

Normally you would store the minutia, which can't be reversed to a fingerprint image.

Mookster
Headmaster

You don't hash fingerprints, you store minutia.... which you can't reverse back to fingerprints

BT staffers fear new mums could be hit disproportionately by car allowance change

Mookster

Does this mean that they get to keep the company car during maternity leave? At least here, in Finland, they take the car away...

Security storm brewing for Oracle Java-powered smart cards: More than a dirty dozen flaws found, fixes... er, any fixes?

Mookster
Facepalm

and when was the last time you had permissions to install your favourite applet on your SIM or bank card?

All good, leave it with you...? Chap is roped into tech support role for clueless customer

Mookster
Childcatcher

Re: "This will only take a second..."

bought them a new PC as a present, before the old one got too smelly

How many Reg columnists does it take to turn off a lightbulb?

Mookster
Paris Hilton

discovered that a grouping of 2-3 mars or marathon bars looks like explosive on the machine

Paris: likes a mars bar party

US Supremes urged by pretty much everyone in software dev to probe Oracle's 'disastrous' Java API copyright win

Mookster
Boffin

All your Javadoc is ours?

It isn't a trivial task to define and document APIs, which includes the interface and all the data objects that pass through it.

..Java has 4000 classes:

https://docs.oracle.com/javase/8/docs/api/

the ruling says that it's not OK to "borrow" all of them.

I agree that Sun, when promoting Java, acted all hippy, open-source, but there is still a copyright statement at the top of each source file.

Crypto crash leads to inventory pile-up at Nvidia, sales slaughtered

Mookster

I'm going to guess the gross margin on a $1000 video card is A LOT larger for Nvidia

Retail is Retail. 1/3 to make the thing + 1/3 + 1/3 to retailer

Sure, you can keep Grandpa Windows 7 snug in the old code home – for a price

Mookster

Re: Updating to Windows 10

Keys are nowadays, in the bios

Mookster
Headmaster

Re: Prevaricating?

oh no. It means "putting off" (at least where I come from)

Mookster
Paris Hilton

Half an hour won't satisfy Paris, let-alone M$

Half an hour won't satisfy Paris, let-alone M$

Oof, are you sure? Facing $9bn damages, Google asks Supreme Court to hear Java spat

Mookster
Paris Hilton

Re: Far reaching repercussions...

because you can, of course, knock up an API in a couple of minutes. I'm sure that all Java.se APIs were created in less than a day...

Paris, likes being knocked up.

Fake broadband ISP support scammers accidentally cough up IP address to Deadpool in card phish gone wrong

Mookster
Facepalm

You forgot the DDoS

1) Obtain Scammers IP address

2) Knock them/their-ISP/their-country off the interweb

3) Make it clear that the scammer's are to blame

Privacy, security fears about ID cards? UK.gov's digital bod has one simple solution: 'Get over it'

Mookster
FAIL

FFS

Living in a country with ID cards life is so much easier.

- Open Bank: use ID card

- Hire a car: use ID card

- any Council Service: use ID card

No faffing around, trying to prove your identity with Gas bills ever again...

(besides, the security services already know what you are)

Mobile networks are killing Wi-Fi for speed around the world

Mookster
Angel

What is this "Metered Data Plan" of which you speak? Here in the Nordics, only mobile data _speed_ is limited, you can take as much as you like

Where to implant my employee microchip? I have the ideal location

Mookster

Re: Enter at rear

Man-traps

Mookster

Re: Security is always fun

but it's against PCI-DSS to have the access mechanism identify the building..

Boom! Just like that the eSIM market emerges – and jolly useful it is too

Mookster

Re: @AC

Apple went to standardisation. eSIM is accepted to be "the same" as a real SIM

Mookster

The whole point of eSIM is that it prevents attackers from extracting the IMSI code (which is all you need to clone)

Mookster
Big Brother

All SIMs are reprogramable - you just need the right GlobalPlatform keys...

Pain spotting: Russia's Aeroflot Docker server lands internal source code, config files on public internet

Mookster
Headmaster

if it's been done properly then there's no risk in exposing the source code..

if it's been done properly then there's no risk in exposing the source code..

'Incommunicado' Assange anoints new WikiLeaks editor in chief

Mookster
Paris Hilton

Paris accuses him of "changing lanes without signalling". He ends up in another Ecuadorian "prison"

Mookster
Facepalm

Next time he goes on the balcony, get a couple of big chaps to "send him off". Then he's back in the UK, after he lands on the pavement.

AWS sends noise to Signal: You can't use our servers to beat censors

Mookster
Facepalm

There's a bug/typo in AWS description of the problem. Second connect should be http not https...

1) make TLS connection to souk.com

2) make http request, through TLS tunnel, to: other.site.on.aws.com (OK, pedants may still call this https)

23,000 HTTPS certs will be axed in next 24 hours after private keys leak

Mookster
Facepalm

Re: Private keys are private

"With any PKI system if you need to move or copy the private key from the box it was created on, then you are likely doing something stupid."

(there, I fixed it for you)

In any PKI system it shouldn't be possible to move or copy the private key from the box it was created in. If you can, then you are likely doing something stupid.

So use an HSM.

Farewell, Android Pay. We hardly tapped you

Mookster
Facepalm

Re: What could possibly...?

you know that you can get virtual credit cards that are only valid for one transaction...

Mookster

Don't kid yourself, banks charge when you deposit cash.

Mookster

Re: What could possibly...?

Mmmm you have to scan the MRZ to read a passport. The, for the UK one, you can read everything (there's no fingerprints). For others, with fingerprints, you need your own keys to get access.

Use ad blockers? Mine some Monero to get access to news, says US site

Mookster
Devil

Teh Independent

Anyone had problems with The Sindy? 3 open tabs kill my PC - it would be an outrage if they weren't mining.

Let's Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers' domains

Mookster
Facepalm

Liability

Without any liability for misuse, it's all a confidence trick. The identity proofing done by let's encrypt isn't that far from what's done by goMommy et al.

What do we want? Consensual fun times. How do we get it? Via an app with blockchain...

Mookster
Facepalm

Hasn't this been around for a while?

Didn't it used to be called "Marriage"?

Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs

Mookster
Boffin

TEE

So, does this also shaft TEE?

Happy birthday: Jimbo Wales' sweet 16 Wikipedia fails

Mookster
Paris Hilton

Re: The Jenkem effect

all very well, but the article hardly screams "hoax" at the top...

(Paris, 'cos I'm shure she'd love to)

Gemalto: Cheers for that 'unsolicited' €4.3bn bid, Atos. We'll think about it

Mookster
Headmaster

"mobile chip-smith Gemalto", says hack having read 2007 annual report. What about HSMs, biometrics, passports?

Oregon will let engineer refer to himself as an 'engineer'

Mookster
Headmaster

UK had IEE not IET

The IEEE is for USA-ians. Back in the day there was the Institute of Electrical Engineers, in the UK. After a grand merger, maybe 10 years ago, it's the Institute of Engineering Technology, (http://www.theiet.org/)

..and still the bcs hasn't been mentioned.

Java security plagued by crappy docs, complex APIs, bad advice

Mookster
FAIL

Re: General issue

'"They found that many developers do not understand Spring"

Problem java EE over engineered complex bloated.'

er, Spring pretty-much replaces java EE. You can use tomcat instead of jBoss...

The power JavaScript: 'Gandalf of JS' Wirfs-Brock on ECMAscript 2017

Mookster

It's really best to avoid threading on a webserver, otherwise it confuses the code-monkeys. KISS: each caller gets their own thread.

Bloke fesses up: I forged judge's signature to strip stuff from Google search

Mookster
Joke

"Of course that is a real sapphire. Look at this certification of natural gemstone I have for it, signed by a noted gemologist"

Look, the signature is on the blockchain...

Why the Apple Watch with LTE means a very Apple-y sort of freedom

Mookster

Re: Virtual ?

It contains an env that mobile operators (just about) trust to download their secrets into i,e, it's probably independent, certified, etc.

Video nasty lets VMware guests run code on hosts

Mookster
WTF?

VMware is mainly for servers, right? Why would anyone _really_ need a server with a head?

Vodafone won't pay employee expenses for cups of coffee

Mookster
FAIL

Re: Fair enough

Did you never notice that salary is taxed, while benefits aren't?

GTFO of there! Security researchers turn against HTTP public key pinning

Mookster
Facepalm

OCSP

The mechanism is there, browsers don't use it - FFS they're online. A couple of extra extensions, to tell the next cert' if the current has expired, and bob's your uncle.

UK IBMers lose crucial battle in pension row

Mookster
Facepalm

At Sony, in the late 90s, they decided that new employees would be on a defined contributions pension. Existing employees were given the option of staying with defined benefits or getting a payout to switch.

2009 seems a bit late for this sort of thing..

Android-ocalypse postponed: Jide withdraws Remix OS from consumer frontline

Mookster

Re: Expensive PC...

I can't imagine a 600 Euro PC lasting more than a year... In the real world, you are given the next Dell every 3-4 years.

Thanks for U-turning on biz-killing ban, Ofcom – now cough up, say GSM gateway bods

Mookster

Re: 999

Back in the day, mobile phone marketing in the UK was based on "using in an emergency". Emergency calls always cost something.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020