* Posts by Infernoz

597 publicly visible posts • joined 20 Sep 2006


Infosec eggheads rig USB desk lamp to leak passwords via Bluetooth

Infernoz Bronze badge

Re: and this is why I'm wary of public USB chargers!


It's a hand made hobby project in New Zealand, and only supports _very dated_ USB 1.0, so pretty much useless for all but keyboards and some mice, _not_ storage, which is USB 2.0 and often USB 3.0 now, so not very useful.

When he can mass sell a toughened USB 3.0 version, at a sensible price, say via Kickstarter, maybe then I'll be interested.

Horsemen of the disk-drive apocalypse will ride upon 256TB SSDs

Infernoz Bronze badge

Re: So for personal backup...

@Paul Crawford

Agreed, FreeNAS OpenZFS (scheduled) dataset snapshots have saved me several times for accidentally deleted files. The Windows 10 versioning seems far more awkward!

FreeNAS offers superior data protection with OpenZFS, and usually doesn't need SSDs for speed, because of the large Parity RAM cache.

Infernoz Bronze badge

Re: SSD is fine - while it works

@Lee D

Write limits can be hit much faster than you expect if you don't ensure that TRIM is supported and enabled in hardware/firmware/OS/drivers, especially if you leave default RAM swap and defrag. configured as-is, eventually the SSD gets premature block wear failures; I discovered this the hard way, no thanks to f'ing Intel's refusal to support TRIM in software RAID1 drivers for older X* desktop chipsets!

I only use SSD for boot disks, everything larger uses magnetic disks because they are still _much cheaper_, and I disable swap when possible, because SSD swap will cause faster SSD wear and is still several orders of magnitude slower than RAM; you _will notice this when I/O bottlenecks_, especially on crippled laptop chipsets/CPUs!

SSDs are still several times as costly as magnetic disks, so nowhere near as affordable for high capacity uses like proper NAS RAID e.g. ZFS ZRAID2+ with a many GB RAM cache, which is a lot faster than any SSD!

No, Apple. A 4G Watch is a really bad idea

Infernoz Bronze badge

Indeed, even an uncased small mobile is a hassle to take out of a trouser pocket, worse for a cased/larger mobile, probably more so than a pocket watch on a chain, and it's a bad idea to have a pulsed microwave transmitter near your manhood!

70% of Windows 10 users are totally happy with our big telemetry slurp, beams Microsoft

Infernoz Bronze badge

Re: 29% Windows users

And some of us use microsoft-spying killer-software and a lot of router-firewall, domain-name, blocking-rules, ha!

New Amiga to go on sale in late 2017

Infernoz Bronze badge

Decades too late!

I chucked my A500 and A1200 back in the 20th century, but have some archived Amiga CD and book rips.

New Amiga hardware is also rather pointless nostalgia when you can get Amiga emulators even on Android phones/tablets, which are probably a lot faster than even the original Amigas.

Also IDE has been dead for years now; I've already recycled loads of obsolete and duff IDE and SATA drives for the very strong, head "speaker-coil" magnets :)

Assange offers job to sacked Google diversity manifestbro

Infernoz Bronze badge

Re: OED definition of bigot: A person who is intolerant towards those holding different opinions.


I don't trust all dictionary definitions anymore because some original definitions have been subtly/grossly altered and/or extended for overtly political reasons, including the dishonest extension of the word Pirate (violent boarding and theft from a ship) to apply to non-violent copying of IP, with only fictional damage.

Not all arguments are worth considering, some debaters are idiots, sophists (including out-of-context usage) or liars when they accuse others of being a bigot, and the targets may not trust the other parties to argue honestly. Most people are probably not aware of the books "Influence" and "Pre-influence", and how people can be manipulated.

The words/concepts Fascist and Nazi have also been abused, and don't mean what a lot of people think they mean, due to selfish Zionist propaganda and lazy over use, thus Godwin's Law.

I would not consider anyone a Bigot for rejecting false-choice Hegelian-Dialectics, or any of the Cultural-Marxism cultural-sabotage-weapons of the Frankfurt School, and its disciples, including political correctness, feminism, post-modernism, victim culture, and Marxist invented concepts like Racialism etc.; all to prepare the way for dictatorship, where all the useful Marxist idiot activists, including SJWs, will be tragically and mercilessly executed, as previously demonstrated by USSR policy and actions!

Infernoz Bronze badge

Re: Assange shouts at world to stop forgetting him

@ Kevin McMurtrie

What the Google employee wrote was polite and well reasoned, which should not be disruptive or controversial at all. It was the irrational SJWs who made Dialectic argument controversial, because it doesn't fit their fantasy "narratives", so they spew loads of Rhetorical noise, use implicit/policy censorship, and some "moderates" even lazily side with the SJWs!

He was probably trying to gather support inside, obviously SJW infested, Google to challenge unfair SJW policy and discrimination, because he was aware of the damage it was causing inside Google, but may not have realised that HR is a common SJW target and stronghold, specifically to corrupt the rules and policies of an organisation, to hijack it!

He should have read the book "SJWs always lie" for how SJWs can be defeated.

Tech giants warp eco standards to greenwash electronics, rake in cash

Infernoz Bronze badge

Pompous Git too right and off-topic.

A bicycle is very low impact because it uses so little material, is far cheaper to deliver and maintain, needs vastly less total energy for total lifespan, possibly for several decades of life (much longer than most cars), and as a bonus gives the rider exercise, so lowering health costs for other people, including waiting time. And cyclists are far less vulnerable to fuel issues like an empty tank or fuel shortages.

I find it hard to believe that a motor vehicle is so damned flawed that it can't be driven economically at speeds sensible for residential areas (i.e. to not kill a pedestrian during an accidental collision); if it can't due to too wide gear stepping, get a vehicle with a better gearbox, and if you can't be arsed to step down gear, that's your fail. Two abreast cyclists can easily fit within a fraction of a car footprint, so are much easier to _safely_ overtake.

Bicycle riders are just as entitled to use the road because they also pay taxes for the roads via general taxation, so STFU with the girly bitching...

On-topic, corporations are out-of-control and must lose a lot of usurped power, including false person-hood, or better still be abolished and replaced by a fairly designed business vehicle with far less 'rights', and stricter responsibilities and restrictions e.g. a very real legal requirement to do no evil and not lying (including Greenwashing), or risk termination.

Core-blimey! Intel's Core i9 18-core monster – the numbers

Infernoz Bronze badge

Re: Intel's Core i9 revealed to reach 36 cores. Not.

Lastly i9 are ridiculously expensive, so more GPU capacity may be better value, in part because GPUs may be better for parallel signal processing.

Yes, most of those i9 cores will probably choke unless reserved for only 2 hyper-threads mostly working with code and data in the core L1 cache; the more context switches and L1 cache misses the slower the code will run!

Google diversity memo: Web giant repudiates staffer's screed for 'incorrect assumptions about gender'

Infernoz Bronze badge

Re: Dare I say

Diversity is not enough, because it is commonly rhetorically hijacked by Cultural Marxist disciples and useful SJW idiots. People having just different backgrounds is not enough, you must also ensure that they really are relevant, have merit, and can be trusted not to lie or deceive!

SJWs like to sneak into organisations via diversity holes in organisational security, then gradually hijack the organisation e.g. via HR in business organisations! See the book "SJW always lie" and see why unchecked diversity can be dangerous!

Infernoz Bronze badge

Re: Dare I say


Innate sex specific preferences observed in unbiased baby studies strongly suggest that girls prefer dolls and other typical female toys, and males preferred technical objects like Lego or Meccano, the Nordic feminist 'researchers' are full of manure.

Even if some girls are competent at STEM, is it really a good idea to continue enabling young women to start/have further education or careers, where this independence enables the Hypergamy nature of women, which causes progressive psychological ruination that progressively poisons all future relationships with males, including (too late) marriage to a gullible Beta male with inadequate/no children, risky extended unprotected Estrogen exposure caused by late/no child birth and breast feeding, more genetic defect risks for late children, and many more divorces initiated by spoiled slut women?!

No, the google employee is spot on, "SJWs always lie", it is time for all K-types to wake up, counter, and crush all the degenerate, lying r-type cults of feminists, SJWs, and Collectivists; which are also progressively destroying 1st world nations, including inadequate births of (typically smarter) native/founding people; 3rd world "replacement" immigration is the wrong answer because it is effective cultural suicide, they often have incompatible r-type culture, are often far less intelligent, and mostly troublesome young males! This 1st world female Hypergamy ruination is even progressively spreading to developing countries!

Send mixed messages: Mozilla wants you to try its encrypted file sharing

Infernoz Bronze badge

Re: to check for hashes associated with known unlawful images and videos.

Providing a separate digest of the unencrypted content of _private_ end-to-end encryption is security negligence; it violates privacy and may even aid cryptographic cracking!

Any IP arguments for passing/retaining hashes are irrelevant; IP businesses routinely abuse fair use and false positive block, and IP is a stagnant swamp anyway. Also, the political arguments against complete cryptographic privacy are corrupt thuggery to protect politicians and elite from the public, not protect the public; the real solution to Islamic terrorism is rapid deportation/voided-nationality, banning Wahhabi funding of Muslim organisations, banning Mosques (Sharia Courts), and banning Islamic schools.

Mozilla should stop wasting time on redundant fluff like this, kick out _all_ the SJWs, who used specious SJW tactics to get rid of the previous head (now running Brave), finally make a browser which never stalls all windows (_still_ not f'ing there yet!), and damned well retain the old extension APIs until they provide much better migration support in the new extension APIs. The extensions are the main reason why I still use alt. builds of Firefox, like Waterfox, never the Mozilla builds with damned Pocket etc.

WannaCry-killer Marcus Hutchins denies Feds' malware claims

Infernoz Bronze badge

Re: A question for some American lawyer

It sounds like the US 'law' (statute policy) enforcers should be sued for slander, libel, kidnapping, coercion, extortion etc. for this completely unfounded persecution and unfair process. Of course the neo-con, criminal thug, infiltrated state will probably just say get lost.

The UK should end all deportation agreements with the rogue corporation called the USA, because they take the piss with their deportation requests too!

Non-US computer security people should blacklist the US as a place for meetups because the USA corporation can't be trusted not to arrest foreigners on flimsy and bogus evidence!

Personally, I will never even consider visiting the US while they have their TSA thugs and unsafe human body scanners!

In the red corner: Malware-breeding AI. And in the blue corner: The AI trying to stop it

Infernoz Bronze badge

Pattern matching is dumb, thus anomaly detection, with history and rollback.

You can't train a detection system for patterns it hasn't seen yet, but you can put traps, like trip-wires and honey pots, and other anomaly detection in-place, and use a rolling audit of seemingly OK previous behaviour for alerts and to dynamically re-train detection systems to quarantine later similar malware before it can do much or any damage. Having OS enforced application level permissions would also help, including faking access, to "honey pot" trick malware into revealing itself better.

If I was writing malware, I'd probably use random salted compressed and encrypted launch/payload sections, including deceptive "buggy" code/data and resource access, to defeat easy binary-pattern and behaviour detection.

Brit voucher biz's signup page blabbed families' details via URL tweak

Infernoz Bronze badge

1. The number should be a strong cryptographic digest of the request id and salt, so that changing a few numbers won't work and failed attempts are logged with their client IP address.

2. A password reset page should never show any more than the user name/id.

3. The business may be in breach of the data protection act for showing other users personal details!
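An added example, not part of the original comment, of point 1 above: the number in the URL is accepted only with a tag derived from it, and every failed check is logged with the client IP. It uses a keyed HMAC-SHA256 with a server-side secret in place of a plain salted digest; `make_ref`, `check_ref`, `SERVER_KEY` and the `<id>.<tag>` format are hypothetical names chosen for this sketch.

```python
import hashlib
import hmac
import logging
import secrets

log = logging.getLogger("signup")

# Assumption: a per-deployment secret kept on the server, playing the role
# of the "salt" in the comment. It must never be sent to the client.
SERVER_KEY = secrets.token_bytes(32)


def _tag(request_id: str, key: bytes) -> str:
    """HMAC-SHA256 over the decimal request id, hex encoded."""
    return hmac.new(key, request_id.encode("ascii"), hashlib.sha256).hexdigest()


def make_ref(request_id: int, key: bytes = SERVER_KEY) -> str:
    """Build the opaque reference placed in the URL: '<id>.<tag>'."""
    return f"{request_id}.{_tag(str(request_id), key)}"


def check_ref(ref: str, client_ip: str, key: bytes = SERVER_KEY):
    """Return the request id if the tag verifies, otherwise log and return None."""
    rid, sep, tag = ref.partition(".")
    if sep and rid.isascii() and rid.isdigit() and len(rid) <= 18:
        expected = _tag(rid, key)
        # Constant-time comparison, on bytes so odd input cannot raise.
        if hmac.compare_digest(expected.encode(), tag.encode("utf-8", "replace")):
            return int(rid)
    # Truncate and repr() the attacker-controlled value before logging it.
    log.warning("rejected signup reference %r from %s", ref[:96], client_ip)
    return None


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    good = make_ref(1041)                      # constructed sample id
    print(check_ref(good, "203.0.113.7"))      # the id comes back
    bumped = good.replace("1041", "1042", 1)   # id changed, tag left as-is
    print(check_ref(bumped, "203.0.113.7"))    # rejected and logged
```

The tag only makes references unguessable; the handler still has to check that the logged-in user is allowed to see the record the id points to.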

Ohm-em-gee: US nuke plant project goes dark after money meltdown

Infernoz Bronze badge

Western Digital may find that their unreasonableness soon costs them dearly!

The Japanese nominated bankruptcy management, for a bankrupt Toshiba, may get a ruling saying that their US "arbitration" has no jurisdiction in Japan, so get stuffed!

Anyway, why the frack aren't much safer Thorium Reactors being built already? I thought that the main driver behind Uranium Reactors was US military need for Plutonium via processed "spent" fuel, and that should not be necessary for new reactors!

Sun of a b... Rising solar temp wrecks chances of finding ET in our system

Infernoz Bronze badge

Gravity and Van Allen Belt

I think that there's a lot more favourable about Earth's environment:

* It has a moon, so a stable tilt, seasons, and tides.

* It has enough gravity to retain an atmosphere, all the gas and water will just escape into space, and an ozone layer significantly reduces the UV, so that life isn't burnt away on the surface.

* It has a large enough magnetic core and stable enough rotation, to cause a strong enough magnetic field, thus the Van Allen Belt, which shields against most of the hard solar and interstellar radiation.

Autonomous driving in a city? We're '95% of the way there'

Infernoz Bronze badge

Re: 95% done or 95% of the work remaining?

I suspect that there will be situations where the machine "intelligence" (really a hyped-up and limited state machine) will not cope because it can't adapt and will cause avoidable accidents which would get a human driver mocked, insulted, attacked, or prosecuted for!

I also expect a rising number of vandalized/rammed vehicles after "driver-less" vehicles start to make serious inroads into commercial and transport driving, because they'll put loads of people out of work. What are all those people going to do, given most work will become more skilled? They'll eventually rebel/riot! Also, demand for the vehicles will ironically decline, because there will be less people with sufficient income to afford to use them or the goods they deliver, compared to earlier human driven vehicles!!!

Blindly adding more technology for (fake) "progress" (a common communist-like misuse of the word), which mostly benefits rich people, is a very bad idea, and only will speed-up the on-going decline of developed countries, warned about by "Unabomber" Ted Kaczynski's Manifesto, and others referenced by the "Return of Kings" web site. We should have learnt the dangers of fake "progress" from the rise, stagnation, and collapse of Rome, and earlier civilizations!

Making everything easier (e.g. by automation) is dangerous, because it gradually encourages parasitic rentier corpocracy, encourages parasitic socialism, encourages r-type degenerate humans, rots the spirit of Man, and eventually leads to nation and/or civilization collapse!

AI quickly cooks malware that AV software can't spot

Infernoz Bronze badge

Indeed, white listing is a critical part of good security, unfortunately someone/something needs to build and maintain the list; that's fine for a closed system, but probably impossible with all the valid non-corporate, unsigned software flying around, so like Android and iOS, programs must declare what they need to access, and not just be escalated for coarse undefined behaviour, and the OS must enforce this and even limit/block some requested access, something Android should damned well allow non-admin users to do!

The problem with bugs is you can only fix them after you have identified them, and some can be very subtle or caused by "code blindness".

It took DEF CON hackers minutes to pwn these US voting machines

Infernoz Bronze badge

No to UK e-voting, for many of the same reasons why we must retain physical cash, including anonymity of use.

e-voting is much easier for state or other agents to tamper with; other parties could be framed on discovery, and/or voters are tracked for later coercion/retaliation.

I also think that UK and US political systems no longer really represent the voters and that representation is far too granular/dated, and should be upgraded to a more decentralised model like the Swiss model, something which the tyrant Abraham Lincoln moved the US away from by effective USA federal annexation of the US states via the US civil war for anti-slavery lies.

US vending machine firm plans employee chip implant scheme

Infernoz Bronze badge

Re: Just like Futurama career chips?

They could stick your hand in an EMP cavity, possibly a Microwave, to zap the chip, and won't care if your hand or more is cooked too, because extraction surgery could be a lot more expensive for them, especially with or without a 360 Degree X-Ray of the hand... Another approach could be to put magnet attractive metal in the chip and use a powerful electromagnet to find it, and hope they never get sued for damages after a medical EMR (super-conducting electromagnet) scan over the hand! Who knows, a medical EMR scan may even zap the chip.

Anyhow, it's a really risky/dumb idea, because it could cause hand irritation and injury, and be a prevalent security risk, because it may not be feasible to fully RFi screen the chip outside work!

Sweden leaked every car owners' details last year, then tried to hush it up

Infernoz Bronze badge

Re: "as much value as a truckload of dead rats in a tampon factory"

Yes, men should be wary of women having access to data like this because their brains are not hormone wired so well for technical security thinking! Also WTF were the database access controls to forbid access to restricted and higher security data, even in a stupidly monolithic database!

Q. What's today's top language? A. Python... no, wait, Java... no, C

Infernoz Bronze badge

Re: Learn all of them, but NOT Java

Or for most Java accessors, use project Lombok for much shorter code; it also covers lots of other common boilerplate code, including constructors, and common logging declarations.

Explicit accessors are sometimes compulsory, for validation and security-copying (to prevent mutable object exploits), and trace logging.

A lot of Python frankly looks like write-only code, because it never required type declarations in method/function declarations, and I also suspect a lot of security/performance issues given how many easy, but dangerous assumptions it makes! I also view the Python API docs web pages as quite primitive and fugly compared to other language API docs like JavaDocs.

Bluetooth makes a mesh of itself with new spec

Infernoz Bronze badge

Should be really useful for a Local of Things mesh

e.g. Sensors and control.

So you could have very cheap, cordless, coin-cell-powered, environment sensors in every room, and be able to monitor them from a central device and have distributed displays. Also power control and power use sensing could become a lot cheaper than ridiculously expensive and IP range consuming WiFi versions!

I hope that the spec. addresses security too, because even sensors could become a security risk.

UK regulator set to ban ads depicting bumbling manchildren

Infernoz Bronze badge

Re: This is a good thing

I agree that a lot of cleaning product labelling is annoying and deceptive, but because iffy/bad stuff has made its way into _most_ products, both plain and fancy, so you should get educated and check the contents before you buy them e.g. they can contain carcinogens, endocrine disruptors (fouls up hormones, including T), irritants, poisons (Aluminium, Toluene, Fluoride), etc.! Some brands of products can be a lot better quality with little or no harmful stuff e.g. Ecover and Bull Dog.

Nearly three-quarters of convicted TV Licence non-payers are women

Infernoz Bronze badge

This was one of the last programmes I watched from BBC, but the growing subtle and blatant political correctness, including historical absurdities, and SJW themes made me feel sick from the gross insult to my identity and intelligence! Absurdities including the ridiculous girl power (misandry), White-Knighting, WTF inappropriate race, and other corrupt themes!

Infernoz Bronze badge

Re: See me...

WTF, people are still being conned to incriminate themselves, but then emotional thinking can hurt a woman's judgement/resolve! No one should be ending up at these fake courts.

Any informed, alert and assertive person can stop these fishing expeditions dead outside the house, by simply refusing to recognise their supposed authority and turning them away like any unwanted door-step salesman or charity shyster.

Hey, remember that monkey selfie copyright drama a few years ago? Get this – It's just hit the US appeals courts

Infernoz Bronze badge

Re: Corporations - meh

Not just a mere off day, more like insanely evil, because it effectively elevates these legally-required-to-be-psychopathic zombies above humans! Corporations should have significantly less power than living human beings!

Infernoz Bronze badge

Re: Devil's Advocate

PETA are simply insane, human-hating, SJW Marxists, no more needs to be said...

Infernoz Bronze badge

Re: Just sayin'

It was a historical corrupt abuse of the fixed-lifespan, state-created-entity, called a Corporation, to ever allow it to be abused as a zombie business entity!

It was a monstrous legal abomination and corruption of US emancipation statute 'law', to ever class the fictional zombie business entity, called a corporation, as a person.

A real person is only ever a living human being; I don't give a frack what the legal liars say in the demonic Blacks Dictionary etc.!

G20 calls for 'lawful and non-arbitrary access to available information' to fight terror

Infernoz Bronze badge

Lawful my ass..

Lawful only correctly applies to Common Law, not imposter laws like legal statutes, despite state legal BS!

E2E encryption totally fracks up in-line interception because that is the dialectic for its existence and use, and statist technocrats exposed abuse caused its use to explode, but frustrated statists keep spouting useless, sophist, rhetoric! Tough, cryptography is deliberately built from solid mathematical rules to be secure, and no amount of illiterate wishful thinking, tantrums, BS, and authoritarian demands will change this!

As the ex-GCHQ boss said, they can now only seek to try to compromise the end point devices.

If they attempt to force an end point compromise by businesses offering E2E services, this will get leaked and those businesses will go out of business, and people will then only trust vetted OSS E2E!

Photobucket says photo-f**k-it, starts off-site image shakedown

Infernoz Bronze badge

...until it isn't because stuff changes which you weren't told about before and/or didn't expect!

That includes free/cheap being a temporary illusion, like a drug dealer temporary giving freebies to create a pool of future addicted customers, cheap printers (but expensive ink), or socialist Ponzi schemes like a state national health service or a state pension scheme!!!

Australian govt promises to push Five Eyes nations to break encryption

Infernoz Bronze badge

Re: Five eyes...

Also there is nothing to stop anyone from using weaker encryption as camouflage for inner strong encrypted data, or using a different strong encrypted network protocol to frustrate spies.

I suspect that a lot of fun could be had with HTTPS websockets carrying layered encrypted data.

In the Epyc center: More Zen server CPU specs, prices sneak out of AMD

Infernoz Bronze badge

Looks very interesting for FreeNAS ... if an affordable version is ever provided

I already had to move to a larger Intel server mobo to support 32GB Parity RAM; my next FreeNAS box build, in about 2 to 3 years time, will probably require 64GB Parity RAM. It'd be nice if I didn't have to scrap any more mobos for having inadequate RAM expansion.

Elon Musk reveals Mars colony rocket capable of bringing pizza joints to the red planet

Infernoz Bronze badge

Re: Venus is too nasty, Mercury too hot and the moons of Jupiter or Saturn too distant.

We'd have to be quite insane to FUBAR Earth, because Earth is obviously the only planet in our solar system suitable for complex life! Making Technology critical for all survival is not a smart idea, because it can break, then everyone is dead!

Even a messed up Earth is probably far better than all the other planets in our solar system for habitation, because of its temperature ranges, natural resources, and atmosphere, and the Van Allen Belt and Ozone layer blocking deadly space radiation.

Even colossal disasters like 7 large space objects colliding with Earth oceans about 7 1/2 thousand years ago, so causing 5Km high tidal waves, weren't enough to kill off all life on Earth, because humans of many cultures passed down history of it, not just the Noah story.

Infernoz Bronze badge

Re: How about

The latter assumes that there are enough raw materials and energy supply where the fuel factory lands and there is a suitable area nearby for human habitation. If the latter is not possible, then a viable colony there is probably doomed fantasy!

If mining and fuel production cost too much energy, the system will die for lack of net energy, just like oil/gas exploration/extraction/refining could end on earth when it becomes too energy costly!

Infernoz Bronze badge

Re: How about

Yes, send a load of tanker rockets craft to a staging point above earth, with enough fuel to accelerate to and decelerate at Mars, with en-route propulsion from Ion jet engines and sling-shot manoeuvres, so that the tankers assemblies could be parked ahead of time in a stable orbit above Mars. These launches could be done a long time before the expected human trip, so slower travel would be OK. Later trips could then refuel in orbit with enough fuel to land and later take-off, and later refuel in orbit for a journey back to earth.

Of course a huge problem for a manned trip is the hard & deadly space radiation, which even thick & heavy materials are unlikely to attenuate enough en-route or at Mars (assuming no protection magnetic shield like the Earth's Van Allen belt and thick atmosphere). I expect that a portable and weight/energy affordable, electromagnetic radiation-shield will need to be invented, possibly using superconductor electromagnets and/or a plasma field. Another significant problem is enough energy production on Mars to power all the life-support, manufacturing, and construction facilities; the longest lasting space probes have typically used very expensive, restricted, long-half-life radioisotopes e.g. Plutonium.

Banking websites are 'littered with trackers' ogling your credit risk

Infernoz Bronze badge

Re: Are there any legitimate uses for client side scripts on a banking website?

Current security standards say that the web servers handling entered data must always strictly fully validate all data from a client, including using a page populated unique token, stored in a session, and checked for in the input data. The idea that you can have stateless or no sessions, or do non-strict validation, is security retarded.

Client side Javascript checking of values is fine for faster rejection of iffy values, but the server must always strictly check for bad input data and reject it, this is because a spoofing/hijack exploit may bypass the page Javascript checks and attempt to pass harmful data!

The problem is that too many sites use too complex and obfuscated Javascript framework based code, so break in unknowable/annoying ways, so can run very slowly on even high spec. PCs and be vulnerable to, or even cause, security exploits!
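An added example, not part of the original comment, of the server-side half described above: a one-time token stored in the session and checked in the submitted data, followed by strict allow-list validation that does not rely on any client-side JavaScript check. The session is modelled as a plain dict, and the field names, account format and amount limit are constructed for this sketch.

```python
import hmac
import re
import secrets
from decimal import Decimal

# Constructed rules for a hypothetical transfer form.
ACCOUNT_RE = re.compile(r"[0-9]{8}")                # exactly 8 ASCII digits
AMOUNT_RE = re.compile(r"[0-9]{1,5}(\.[0-9]{2})?")  # e.g. 25 or 25.00
MAX_AMOUNT = Decimal("10000.00")
ALLOWED_FIELDS = {"token", "to_account", "amount"}


def issue_form_token(session: dict) -> str:
    """Called when the page is rendered: store a fresh token in the session."""
    token = secrets.token_urlsafe(32)
    session["form_token"] = token
    return token  # the page embeds this in a hidden form field


def validate_transfer(session: dict, form: dict):
    """Return (True, cleaned_data) or (False, list_of_rejected_fields)."""
    # 1. Token check first; pop() makes the token single use (no replay).
    expected = session.pop("form_token", None)
    supplied = form.get("token")
    if not (expected and isinstance(supplied, str) and hmac.compare_digest(
            expected.encode(), supplied.encode("utf-8", "replace"))):
        return False, ["token"]

    # 2. Strict validation: allow-lists and full matches, never "fix up" input.
    errors = []
    if set(form) - ALLOWED_FIELDS:
        errors.append("unexpected_fields")

    account = form.get("to_account")
    if not (isinstance(account, str) and ACCOUNT_RE.fullmatch(account)):
        errors.append("to_account")

    raw = form.get("amount")
    amount = None
    if isinstance(raw, str) and AMOUNT_RE.fullmatch(raw):
        amount = Decimal(raw)
    if amount is None or not (Decimal("0.01") <= amount <= MAX_AMOUNT):
        errors.append("amount")

    if errors:
        return False, errors
    return True, {"to_account": account, "amount": amount}


if __name__ == "__main__":
    session = {}
    token = issue_form_token(session)
    form = {"token": token, "to_account": "12345678", "amount": "25.00"}
    print(validate_transfer(session, form))   # accepted
    print(validate_transfer(session, form))   # same token replayed: rejected
```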

Infernoz Bronze badge

Re: Yeah but...

I have "Self-Destructing Cookies"; all the non-whitelisted cookies get destroyed when the last tab for the domain is closed :-P

Infernoz Bronze badge

Re: I think we need to know...

Some sites, which should damned well know better, get their Javascript blocked completely because they self-host too much crap! I don't care if these sites need advertising for funding, when they have a whole side div of double column adverts for their and other people's crap it's too much, so NoScript, uMatrix and Privacy Badger!

The number of third party crap links (ads, tracker, demographics, analytics) was already toxic over a year ago on many commercial and 'free' sites, and is still getting worse(!), so I /have to use/ whitelist driven tools like NoScript and uMatrix to try and retain some privacy and speed; tough web authors who don't like this, it's your r-type, retarded, promiscuous fault!

I even need Print Edit now for saving pages as text PDFs, even for blog/reference sites, because 50% or more of the page area is not even the actual content, WTF!!!

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

Infernoz Bronze badge

What happens when robotic devices get hijacked via these botnets?!

Fiction has been warning about robotic device hijacking for several decades now, including in Anime films like Ghost in the Shell (1995) and Paprika (2006), and StuxNet happened too!

What happens if this hijacking is driven by a hard to stop bot-net, possibly jumping between different makes/types of insecure devices/software, and targeting potentially deadly robotic devices like an asserted imminent flood of connected assisted/self-drive cars? Panic!

I can see crisis regulation happening if manufacturers don't lock-down/support devices properly soon, including possible forced scrapping of non-fixable/unsupported connected devices/software, and not even allowing connectivity in some classes/types of device.

r-type decadence like promiscuity and lax security later cause significant costs, as we now see with human demographic decay, cultural decay, and alien refuse invasion in developed countries; similar principles apply to connected computing devices, especially those designed by r-types!

WannaCrypt: Pwnage is a fact of life but cleanup could and should be way easier

Infernoz Bronze badge

NTFS is a dinosaur FS; Microsoft should port OpenZFS or license ZFS from Oracle already!

NTFS is not transactional, so is not thread-safe, stalls (especially for 1000's of files in a folder), can give stale file/folder results, so cause application malfunction, so the sooner it and all other non-transactional, logging FS's get replaced the better.

All hardware and pseudo hardware RAID should just die too, because only transactional software RAID can provide true end-to-end data integrity.

Infernoz Bronze badge

Pointless, use something designed for _full_ end-to-end data integrity, with _multiple_ deltas like git has i.e. ZFS with its multiple cheap snapshots; backups should be considered the absolute last resort, because they will be far more out-of-date!

FreeNAS and TrueOS provide the OS to build a _separate_ secure OpenZFS NAS and Server to maintain data and mitigate data corruption by a client; if you don't want to use an SMB share, you could still do frequent rsync delta backups to it instead.

Infernoz Bronze badge

The problem with your 'secure' remote copy idea (and daily backups) is they may be compromised if a compromise happened before the last copy/backup...

My better idea is, put user profile and other data on ZFS/Open-ZFS NAS, excluding the OS, with frequent, NAS-scheduled, rolling dataset snapshots (say at hourly or less intervals), with regular scanning for suspicious file type and file type specific changes (e.g. header changes or dubious contents changes). When corrupted files are detected, the nearest earlier timestamp ZFS snapshot could be used as a source for a clean file, in a small fraction of the time, especially if automated.

* ZFS dataset (filesystem) snapshots are pinned deltas, so mostly won't take up much space, and you can have loads, but too many can reduce NAS performance.

I already keep my Thunderbird profile on an SMB accessed FreeNAS OpenZFS dataset, because I was fed up with retarded NTFS stalls and occasional mailbox corruption on an M2 drive with Windows 10 on a fast i7 box; it has significantly better data protection because the dataset is in a ZRAID2 volume.
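The scan-and-restore routine described in the post above, sketched as an added example (not the poster's or FreeNAS's own code). It relies on ZFS exposing snapshots under `<dataset>/.zfs/snapshot/<name>/`; the function names, the magic-byte table and the `auto-YYYYMMDD.HHMM` snapshot naming are assumptions, and `build_demo` creates a constructed stand-in tree in an ordinary directory.

```python
import os
import shutil

# Leading bytes each extension should have (small constructed subset).
MAGIC = {".pdf": b"%PDF-", ".png": b"\x89PNG\r\n\x1a\n", ".zip": b"PK\x03\x04"}

def header_ok(path):
    """True if the file starts with the magic bytes its extension implies."""
    magic = MAGIC.get(os.path.splitext(path)[1].lower())
    if magic is None:
        return True  # extension not tracked: not checked here
    with open(path, "rb") as fh:
        return fh.read(len(magic)) == magic

def find_suspicious(root):
    """Relative paths under root whose header no longer matches the extension."""
    bad = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".zfs"]  # skip snapshots
        for name in filenames:
            full = os.path.join(dirpath, name)
            if not header_ok(full):
                bad.append(os.path.relpath(full, root))
    return sorted(bad)

def newest_clean_copy(root, relpath):
    """Newest snapshot copy with a valid header; names assumed to sort by time."""
    snapdir = os.path.join(root, ".zfs", "snapshot")
    for snap in sorted(os.listdir(snapdir), reverse=True):
        candidate = os.path.join(snapdir, snap, relpath)
        if os.path.isfile(candidate) and header_ok(candidate):
            return snap, candidate

def restore(root, relpath):
    """Copy the newest clean snapshot version over the live file."""
    found = newest_clean_copy(root, relpath)
    if found is None:
        return None
    shutil.copy2(found[1], os.path.join(root, relpath))
    return found[0]

def build_demo(root):
    """Constructed sample tree: the 10:00 snapshot and the live file are damaged."""
    good, bad = b"%PDF-1.4 report", b"\x8f\x02 scrambled"
    for where, data in [(".zfs/snapshot/auto-20170512.0900", good),
                        (".zfs/snapshot/auto-20170512.1000", bad), ("", bad)]:
        os.makedirs(os.path.join(root, where, "docs"), exist_ok=True)
        with open(os.path.join(root, where, "docs", "report.pdf"), "wb") as fh:
            fh.write(data)
```

The walk back through snapshots matters because a snapshot taken after the damage holds the damaged copy too, which is the same weakness the post points out for daily backups.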

Infernoz Bronze badge

Mostly prefer an OS as only a platform with abstracted access to proprietary resources.

Most software should reject direct use of proprietary OS frameworks, instead via bridging/isolation layers, like OS portable OSS API implementations, to make applications OS portable i.e. not dot-Net (incomplete library portability). You can then upgrade OS, or even migrate to a different OS, with minimal work. Microsoft will hate this, but it's their fault for repeated stupid 'business friendly' hacks to try and lock people in, Active-X being the absolute worst, and their Java abuse could have become far worse if they hadn't been sued by Sun!

There should also be wariness about using application software which has limited OS portability, or significant migration costs, like Microsoft Office, including any software dependent on these applications e.g. VBA and Excel specific scripting.

Java and other genuinely OS portable, intermediary-code-compiled/fast-interpreted languages, and OS portable frameworks/libraries (e.g. GUI, Graphics, Filesystems, Networking, Crypto etc.), are what most applications should be using to break this lock-in to transient proprietary APIs. Some people may not like proper portable languages like Java, because they are stuck in a stagnant C and C++ dogmatic 'simplicity' delusion, or are dangerous amateurs reliant on retarded VB or VBA; but they do offer far better portability between OS's and OS versions.

Java (and other JVM languages like Kotlin) also has some portability to Android, which further extends its appeal.

Bankrupt school ITT pleads 'don't let Microsoft wipe our cloud data!'

Infernoz Bronze badge

Re: Once you send your data to the cloud

This is yet another example why keeping business data on the cloud and not owning business software is nuts.

7 NSA hack tool wielding follow-up worm oozes onto scene: Hello, no need for any phish!

Infernoz Bronze badge

Re: What's worse?

Not at all surprised, more deserved suffering for XP-tards, no sympathy or pity due!

I'd say that Microsoft is the lesser of the two evils and it's often easier to mitigate or fix their issues, basically these XP-tards should have upgraded to the far more secure Windows 7, years ago. Offensive compromise and modification can be far worse hassle to resolve than a failed update.

What should be in place for all OS's is network port filtering blocks to stop risky ports like SMB being accessible on insecure networks like the Internet or public WiFi, using NAT in a router to block all unmapped ports, and if possible IP-range white-listing of ports by a firewall in XP to further limit exposure e.g. using Ghostwall.

Bye bye MP3: You sucked the life out of music. But vinyl is just as warped

Infernoz Bronze badge

Re: MP3

Storage is cheap now, and most Android devices play lossless FLAC, not just audibly compromised MP3, so I prefer FLAC to MP3.

I agree with A. Dabbs, Vinyl was shit and was a lot more bulky than significantly better sounding, but now zombie CDROM. Unfortunately a lot of CD audio was ruined by abuse of loudness processing, and use of inferior analogue recording/mixing sources, which may be why some nostalgics still prefer it.

All my old CDs were ripped to FLAC several years ago because they were inconvenient, not scratch proof, and a bulky zombie format, even back then! I only keep a thin USB 3.0 DVD drive around for immediately ripping any new/discovered stuff to FLAC, ISO or BIN/CUE on a NAS.

It's about f'ing time installers and media were supplied on read-only microSDs.

Banking association calls for end of 'screen-scraping'

Infernoz Bronze badge

Re: Isn't there an API already?

Obviously not or inconsistently, and EBICS looks like it is only for payments.

For login security and isolation reasons, only the user and a bank should have access to the unencrypted login details, which is why screen-scraping is stupidly insecure, because third party apps may abuse, leak, or poorly encrypt login credentials.

All routine logins should be done using a bank supplied private-encrypted, date expiry, login container, with one per app, maybe per device too, with the app name and device stored in it, so that selective locking is possible, rather than the fragility of a single login. A container could even be associated with a restricted set of permitted actions e.g. only being able to request status information like the account balance or the statement lines.

All banks should provide a _standard_, secure, web-service API over secure HTTPS, using an encrypted container for login, and their website should include customer functionality to create, download, and manage these tokens, and see an audit log of their use.
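A sketch of the per-app login container proposed in the post above, added here as an example and not taken from the poster or from any bank's API. It uses an HMAC-signed token rather than an encrypted one (a simplification), and every name in it (`issue`, `authorize`, the claim keys, `REVOKED`, `AUDIT`) is hypothetical.

```python
import base64
import hashlib
import hmac
import json
import secrets

BANK_KEY = secrets.token_bytes(32)   # bank-side secret, never given to apps
REVOKED = set()                      # token ids the customer has locked
AUDIT = []                           # (token id, app, action, outcome)

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue(customer, app, device, actions, expires_at):
    """Bank side: mint one container per app and device, limited to `actions`."""
    claims = {"id": secrets.token_hex(8), "sub": customer, "app": app,
              "dev": device, "act": sorted(actions), "exp": expires_at}
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(BANK_KEY, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)

def authorize(token, action, now):
    """Bank side: return the claims if the token permits `action`, else None."""
    claims, outcome = None, "malformed"
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
        expected = hmac.new(BANK_KEY, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            outcome = "bad-signature"
        else:
            claims = json.loads(body)
            if claims["id"] in REVOKED:
                outcome = "revoked"
            elif now >= claims["exp"]:
                outcome = "expired"
            elif action not in claims["act"]:
                outcome = "action-not-permitted"
            else:
                outcome = "ok"
    except (ValueError, KeyError):
        pass  # wrong shape or bad base64: stays "malformed"
    info = claims or {}
    AUDIT.append((info.get("id"), info.get("app"), action, outcome))
    return claims if outcome == "ok" else None
```

Locking one app means adding its token id to `REVOKED`; containers issued to other apps keep working, and every attempt, allowed or refused, lands in `AUDIT`.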