* Posts by Tim Read

5 publicly visible posts • joined 16 May 2007

Security researcher warns over Dropbox authentication security flaw

Tim Read
FAIL

Dropbox & Roaming Profiles = insecure

I was looking at Dropbox a couple of days ago after noticing that Dropbox installs itself in the user's Roaming Profile directory under Windows 7 (same for XP). Dropbox adds about 25MB to a user's roaming profile, which is undesirable and slows down user logon/logoff.

User roaming profiles *should* be well secured on the corporate fileserver(s), but Domain Admins & Support Desk staff often have Read access for troubleshooting purposes (e.g. roaming profile bloat). See where I'm going with this... Anyone with access to the user's roaming profile will be able to access a user's Dropbox config.db file.

Roaming profile bloat? Check.

Insecure? Check

'Crazy rasberry ants' target Texan tech

Tim Read
Stop

sp!

<pedant>

That's not how you spell RASPBERRY

</pedant>

Eee PC: better with Windows?

Tim Read

Windows Pagefile

I'd recommend, if you're running Windows on the Eee PC, that you move the Windows pagefile onto the flash memory card (preferable) - or run Windows without a pagefile (not ideal with 512MB of physical RAM). Windows writes to this file a lot, and you don't want to waste read/write cycles on the internal flash storage on this.

Unfortunately I don't think you can move the hibernate file off the internal storage.

Fancy an earful? Click here for tech support

Tim Read

Down boy!

Rufus is a muppet. The Downloads link may indeed be on the front page, but the link to the firmware that the customer wanted is not a live link, so it's useless... unless, as the customer did, you view the page source and work it out. Not straightforward. Methinks Rufus needs to chill out and maybe go on some customer service training. Insulting customers isn't good business practice.

US 'war czar' to attack internet safe havens

Tim Read

latest weapon in War on Terror

Excellent - I look forward to the newest US War on Terror acronym - the 'Department of Defense Distributed Denial of Service' or DoDDDoS for short :-)