* Posts by FordPrefect

150 posts • joined 10 Feb 2010


We did NAT see that coming: How malicious JavaScript can open holes in your firewall for miscreants to slip through

FordPrefect

Re: What's this? I know, I'll plug it in...

No, ALG is a service that runs on various firewalls and proxies that allows devices sitting behind a hide NAT to work with the SIP protocol, which requires an inbound connection for VOIP calls. It sits and brokers the connection by listening into the packet stream on the initiation of a SIP session and dynamically opens up inbound service ports as required, similar to UPnP. You don't need it for Skype, or a lot of the consumer application based voice services. In many cases, assuming your router isn't horribly hobbled, you can probably turn it off, although some people might have corporate VOIP systems and some people even have home VOIP systems. I know when I've seen it in corporate environments before, normally the actual server is behind a corporate firewall and requires users to VPN in, meaning the ALG would probably not be needed.

Ancient telly borked broadband for entire Welsh village

FordPrefect

Well, I'd guess this can't be a very common problem, otherwise it would probably happen far more frequently and every engineer would be trained to look for this first. In every diagnostic field you always get that problem that crops up once every 10 years. Do you test for it every time, or do you attempt the fixes that work the other 9,999 times out of 10,000?

Google bans stalkerware apps from Android store. Which is cool but... why were they allowed in the first place?

FordPrefect

Great they are doing this...

However, what's to stop a jealous, abusive spouse from installing the app that's fine because it's just for tracking kids?

Amazon Lex can now speak British English... or simply 'English' if you're British

FordPrefect

Well British English doesn't really exist. English English is one variant, Scottish English is another and from what I've heard Northern Ireland has its own unique variant.

Cisco’s 'intuitive security' tool can’t handle MAC address randomization out-of-the-box

FordPrefect

True, I suspect this will cause a problem with Forescout and Pulse NAC. Also maybe other network discovery tools which base the results on MAC addresses, as up to now it's been about the only static fingerprint for networked devices. Oh, and thinking of it, it will potentially cause problems with DHCP if for some reason you are assigning static IP addresses to iOS and Android devices, not commonly done but maybe for VIPs in large organisations. Assigning static IP addresses and allowing URL filtering rules and firewall rules based on an IP is easier than going down the whole rule of user authentication on devices or full blown NAC functionality.

Apple takes another swing at Epic, says Unreal Engine could be a 'trojan horse' threatening security

FordPrefect

Re: Did Google back off?

I think Google and Apple have the same policies: if it's purchased via the app it has to go through their store. However, you have always been able to pay direct through a browser. For example, with Kindle and the Amazon app you can't buy ebooks, however if you open Chrome or Safari on your mobile or tablet you can still purchase direct from Amazon.

FordPrefect

Is anyone stupid enough to believe....

This is nothing more than an attempt by Apple to enforce their 30% revenue stream from app developers. I mean, basically they provide the hardware and OS. Charge users a premium, then enforcing any purchases through apps on the platform gives them 30%. Great business model if you can keep it going...

UK govt: It's time to get staff back into the office! Capita: Hey everyone... about that...

FordPrefect

Well we all know what the government's concern is...

Large commercial landlords staring into the abyss if large companies reduce the size of their offices, knock on effect with Pret and other large businesses is a secondary concern. Look at where the money is that props up the Tory party....

Butterfingers who don't bother with phone cases, rejoice: New Gorilla Glass 'Victus' tipped to survive 6ft drops

FordPrefect

Enough of Gorilla Glass, bring on the transparent aluminium already, that stuff will take a chunk out of the floor and not out of your phone!

Skype for Windows 10 and Skype for Desktop duke it out: Only Electron left standing

FordPrefect

Re: Oh Jesus, why?

Agreed. Teams UI is awful.

FordPrefect

Only problem is consumer Skype seems to be so 5 years ago. Most people seem to have moved onto Facebook Messenger or WhatsApp. I only know of one person that is still a Skype holdout.

Health Sec Hancock says UK will use Apple-Google API for virus contact-tracing app after all (even though Apple were right rotters)

FordPrefect

It's good they've finally seen sense. But who will take responsibility for 3 months and millions of pounds wasted? I bet it won't be Hancock or Dido, I mean she is a professional at avoiding any responsibility, just look at the TalkTalk fiasco?

Logitech G915 TKL: Numpad-free mechanical keyboard clicks all the right boxes

FordPrefect

I've used Logitech mice and keyboards for years. Currently using a G910 which also has a nice old school feel with noisy keys which hark back to the old IBM keyboards. You really can't go wrong with Logitech in my experience. Some Linux software for the lighting functionality would be nice though, I have to admit, although I appreciate it will probably never happen.

Brit MP demands answers from Fujitsu about Horizon IT system after Post Office staff jailed over accounting errors

FordPrefect

Re: Heads ought to roll

As most Post Offices are franchise type businesses, not entirely sure health and safety laws and a duty of care would apply in most cases? What might apply is if the people in the relevant positions in Fujitsu and the post offices were aware of the problems and actively covered things up: "Attempting to pervert the course of justice", or potentially for post office position holders, as they were technically at the time a public body, "Misconduct in a public office"? Maybe even perjury, although for that they would have had to have given evidence in the first place and lied in court.

FordPrefect

Re: Heads ought to roll

Given the time that has elapsed, in all probability, given the turnover of directors and senior managers in corporate Britain, those responsible will have either retired or moved onto pastures new at least 10 years ago. When is the last time you saw someone at director level or above stay in post for more than 5 years in big business Britain? They've already moved on to mess things up somewhere else...

No more installing Microsoft's Chromium-centered Edge by hand: Windows 10 will do it for you automatically

FordPrefect

Re: Same old tactics

But you never know, this time might be different. On the 105876th time of asking the question you might actually have changed your mind on wanting music recorded in poor quality or suddenly have spawned 16 kids in the range 4-16 overnight!?!

Airline-chasing lawyers leap on Easyjet for £18bn after 9m folks' data, itineraries nicked

FordPrefect

Hmm, aren't most airlines at this point basically insolvent anyway?

UK COVID-19 contact-tracing app data may be kept for 'research' after crisis ends, MPs told

FordPrefect

No chance

Not a snowball's chance in hell I'm installing this government sanctioned spyware. I don't trust central government databases, just look at the misuse of the police PNC. Look at the misuse of personal data from projects connected to Vote Leave and Cummings, and I believe him and his cohorts have some fingers in this pie as well. You can only trust the security of your data if you trust the people that have access to it. I don't, therefore I won't be going anywhere near this.

The Adobe Flash Farewell Tour 2020: LibreOffice to axe export support for .SWF in version 7

FordPrefect

Let's just hope that Flash isn't a legacy technology that gets a COVID lifeline, Flash needs to die on time and on budget! I mean something has to happen on time and on budget in the IT industry sometime?

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months

FordPrefect

Re: It's optional

Which is fine if you don't want customers who have iPads and iPhones to access your content. Even people with Macs would have to download an alternate browser or be continually pestered about insecure web pages. Not a great look for your company. Granted, it's good practice to regularly replace your certs, but it's a bit more of a pain if you are intercepting TLS on a load balancer/firewall/IPS or similar as they don't all support automatic certificate re-enrolment. Even if they do, you don't necessarily want to hand over your CA credentials to another organisation that is running your network/security devices if you aren't running them in house.

Fujitsu warns HMRC Projects team that 30% of them could be out of a job come April

FordPrefect

Re: So Fujitsu has no other work?

They probably do have other work but if it's not UK government it can probably be done offshore. Why pay someone in the UK when you can pay someone in Asia or even Eastern Europe a tenth of what it costs to employ someone in the UK? Not my personal rationale as my experience is it often costs more in customer satisfaction, or more direct losses when you hastily have to pay onshore rates because the offshore teams just don't perform to the same standard, but well it looks good on the figures for this financial year so we'll just worry about the numbers for next year, well in 3 months time...

Cloud, internet biz will take a Yellowhammer to the head in 'worst case' no-deal Brexit

FordPrefect

Don't worry...

That sound old bloke Nige down the pub was drinking a pint of London's finest, smoking a faaag, telling us all how it was all project fear mark 2. Mark his words, everything will be fine and suddenly UK trade will go through the roof. Don't worry about little things like data protection regulations, boats to move stuff around etc, this old bloke obviously knew what he was talking about as he used to sell shit on the commodities market and has just spent the last 20 years talking about stuff he has no actual experience of!

IBM to GTS: We want you to 'rotate' clients every two years

FordPrefect

Job rotation is a standard security practice. The idea being someone new in the job can pick up on irregularities and it makes it harder for people to collude for nefarious purposes in privileged positions. Granted, I don't think many outside of banks and financial services do this.

Stop us if you've heard this one: Adobe Flash gets emergency patch for zero-day exploit

FordPrefect

Seriously, can't someone take Flash out back and shoot it in the head and save us from Flash misery!

Windows 10 to force you to use Edge, even if it isn't default browser

FordPrefect

Re: Fucking idiots

The difference is iOS only has a small overall market share. The reason Microsoft get a kicking is because they have a monopoly on the desktop OS market. If you have a dominant or monopoly position on one product you cannot use that to attempt to get a monopoly in another market.

Intel didn't tell CERTS, govs, about Meltdown and Spectre because they couldn't help fix it

FordPrefect

Well, call me a cynic, but you tell the US government about exploits, the NSA will be writing exploit kits based on it. Someone finds that exploit kit and figures out what it's targeting and suddenly you are in the middle of a massive sh*t storm.

PPI-pusher makes 75 MEEELLION nuisance calls, lands £350k fine

FordPrefect

That's less than half a penny per call. That's a real deterrent, they should be able to first fine the company any turnover created from those calls, and then a decent punitive rate per call. How about £1 per call? So that would be £75 million plus any money taken as a result of those calls?

UK.gov admits porn age checks could harm small ISPs and encourage risky online behaviour

FordPrefect

You seriously think service providers use firewalls and deep packet inspection technologies such as IDS/IDP on a connection that is charged out at 20-30 a month for connections that are probably starting to average over 20MB? Most of it's DNS based filtering these days.

FordPrefect

Kids always find a way. And what would you prefer they experience, something from a mainstream porn site or some sick shit from the dark web?

Windows Store nixed Google Chrome 'app' hours after it went live

FordPrefect

Hah, put Chrome on the Windows Store and nobody will ever have a reason to use Edge!

Russia could chop vital undersea web cables, warns Brit military chief

FordPrefect

I'd love to know the plan for realistically protecting literally thousands of miles of cables from stealthy submarine attack!

IBM reminds staff not to break customers in pre-Xmas fix-this-now rush

FordPrefect

Will senior management accept that there is a finite amount of resource, so if the amount of change exhausts the amount of resource then no more work can be done? No, it will be business as usual, pushing for more and more work to be done quickly so it can be billed. Those same senior management will then blame the overworked, stressed workers that make a mistake due to having too much work and too little time.

BT hikes prices for third time in 18 months

FordPrefect

Re: OpenRetch

Openreach, which is a separate entity which charges all communication providers a price agreed with Ofcom...

Credit insurance tightens for geek shack Maplin Electronics

FordPrefect

Hah, given Maplin prices they only have to sell 3 items a week to break even.

Didn't install a safety-critical driverless car patch? Bye, insurance!

FordPrefect

I'd guess in practice you'd need some sort of marking system to decide how critical a patch was and something that's easy for a customer to understand, i.e. 1-10 with anything above 5 being installed within a suitable window, i.e. give people a week or a month grace before it invalidates their insurance.

Co-op Bank's users moan over online wobbles

FordPrefect

I used to be a COOP bank customer back in around 2010. The online was useless as it was always a day behind.

What shocked Verizon more: The Yahoo! mega-hack or that it runs AIM (for not much longer)?

FordPrefect

All three people left using AIM must be devastated!

US Senators want Kaspersky shut out of military contracts

FordPrefect

Given the low level system access that AV and other security tools need to do their job on an endpoint I'd be surprised if the US military used software from outside the US.

America 'will ban carry-on laptops on flights from UK, Europe to US'

FordPrefect

It's going to get to the point soon where you must really want to go to the US to visit. It's already close to ritual humiliation with the security precautions and that's not even considering the fact the airlines treat you like crap. I'd be tempted to do the transatlantic trip to Canada or Mexico first then a smaller hop to get where you wanted, i.e. go to Toronto and go to New York from there, or if going to California, Texas or Florida transit through Mexico.

IBM: Customer visit costing £75 in travel? Kill it with extreme prejudice

FordPrefect

All very short sighted. Regular face to face contact with customer stakeholders significantly improves customer satisfaction in my experience in the industry. Saving a few thousand per contract could lead to contract termination later down the line. You'd be surprised how even the worst f*ck ups are smoothed over by a 1-hour face to face.

UK Home Office warns tech staff not to tweet negative Donald Trump posts

FordPrefect

Re: Yes, good idea

The problem is most people have social media accounts that are or have previously been linked, and with a bit of googling, even if you severed the link between LinkedIn and Twitter, there is a good chance Google will link your accounts together again.

Ransomware scum offer free decryption if you infect two mates

FordPrefect

Re: If only someone....

Well they are useful unless the clever ransomware writers sneakily encrypt your daily backups for a period of time before and then encrypt the main machine, meaning when you try and revert to your backups for the past week you find they are all encrypted too.

Citizens Advice slams 'unfair' broadband compensation scheme

FordPrefect

Re: If Only OfCom Did What They Were Paid For...

Then we go back to the days of a few set speeds like when we could choose 512k, 1MB or 2MB, granted I'd hope for the most part we could better those speeds these days, but I'm pretty sure people who are sold let's say 15MB but see the line sync at 17 or 20 MB will be unhappy. Regardless of the speed delivered, the cost to provide ADSL broadband is pretty much the same if you get 256k or 20MB, similarly with VDSL the cost is the same regardless of actual speed delivered. So the only way for that to work would be to charge everyone the same as now but then increase price regardless of actual cost to deliver.

Would you like to pay 4x the cost to go from 20MB VDSL to 80MB VDSL regardless of the fact the cost for the ISP to deliver is the same and would you like to be stuck on set values and lose out on the line sync speed?

Free Windows 10 upgrade: Time is running out – should you do it?

FordPrefect

I've had it on my PC and laptop since it first came out and am very pleased with it. Was dubious about installing it on my niece's netbook but after doing it wish I had done it when it first came out. It's like it's a different machine compared to it running Windows 8.1. Definitely, if you have Windows 8 or 8.1, upgrade. For Windows 7, support will eventually stop and you'll have to pay for an upgrade, is that what you really want?

Adobe scrambles to untangle itself from QuickTime after Apple throws it over a cliff

FordPrefect

Didn't they used to use QuickTime for TV shows purchased on iTunes? Does this mean Windows users are forced to either accept the security hole or not watch programs they've bought on Windows?

Linux command line mistake 'nukes web boss's biz'

FordPrefect

Just reminds everyone why you don't ever test scripts for the first time on a live environment and also why proper off system backups are so vital! Don't ever just rely on RAID disc resiliency, it wouldn't have helped here.

Dead Steve Jobs is still a crook – and Apple must cough up $450m for over-pricing ebooks

FordPrefect

Re: hubris

That's quite simple here in the UK and I'm guessing elsewhere in the EU. Only paper books are VAT exempt. VAT is payable on ebooks.

How will Ofcom reduce our reliance on BT if it won't break them up?

FordPrefect

It doesn't matter who owns Openreach, as long as it's run on commercial lines they have to worry about competition rules, have to be careful about cross subsidies, have to make some sort of profit, and the cash to put fibre into every home would have to come from somewhere. Now we're slowly edging there with FTTC and now G.Fast. However, to do the last 10% will cost more than the other 90%. It will never commercially even come close to breaking even, you go to the market looking to borrow billions more than you make each year and say we want to borrow this money and spend it on something that we won't even be able to cover the cost of it and you'll get laughed out of the door.

The unpalatable options are:

1) Slowly keep creeping fibre closer to homes (works for 70% of the population, mainly in towns and cities).

2) Massive government subsidies for rural areas.

3) Ofcom to agree increases in Openreach charges so that money can be reinvested in rural areas. Two problems: it's anti-competitive as it decreases the incentives for other people to compete in those areas, and customers would be up in arms if say £5 to £10 a month was added onto combined bills.

4) Tell rural people they will have to pay for roll out of fibre to their communities. I can't see many people in rural communities accepting being told they have to each pay £10,000 to deliver fibre to their homes.

Criminal records checks 'unlawful' and 'arbitrary' rules High Court

FordPrefect

Re: Spokesperson for the Home Office 'disappointed'

Actually no, the department of justice headed by Michael Gove is responsible for the courts and judiciary, not the Home Office.

Sysadmin's £100,000 revenge after sudden sacking

FordPrefect

Re: It was probably documented. RTFM?

Documented in the early 2000s? Most things, even in big companies, were on the back of a fag packet and maybe a quick and dirty Visio back in those days.


Biting the hand that feeds IT © 1998–2020