Posts by TonyHoyle 348 posts • joined 22 Mar 2010
So either:
The third party suppliers, large enough to supply a company the size of O2 with significant infrastructure, doesn't roll out new updates to a test network first and doesn't have a rollback procedure in the case of emergency, in which case O2 picked an incompetent supplier.
Or O2 doesn't have the above (and they should, even if the supplier already does it.. you never trust new builds until you've validated them internally), and they're incompetent.
It's a better programming language overall. Developed by Jetbrains who know what programmers want out of a language (they also developed the IDE for it). It supports multiple programming styles & the community has built up around it like that.. for example if you're into functional programming, go for it, if you prefer OO, that's fine too.
OTOH it provides you with more than enough tools to shoot yourself in the foot with both barrels, reload then fire again. Which I predict plenty of people will do once it gets more popular.
Nominet simply don't list the address any more, just a statement that the address that they have on file is accurate.
This is all that's needed. GDPR allows sharing data for legal purposes so there's no loss to law enforcement, just spammers/domain harvesters.
Interestingly the RIPE database still contains this information, the argument I think being that the contacts for network blocks tend to be engineers in charge of them not individuals (plus they've implemented a right to have the data removed).
This lock isn't compatible with modern doors like that - only old style wooden doors.
Not that this is likely to be a problem because google don't sell it in the UK or even appear to have any plans to (something that the register completely forgot to mention for some reason).
You'd be surprised - the alarm I ripped out when it broke is still a current model, was 3 years old when I disposed of it.
Not an IC on it.. all transistor based, so it was about 5 times the size it should be about 12" by 8".. I doubt the design has changed since the 1980s.
Replaced with an ESP8266 that does the same job in a 1.5 inch square piece of silicon (and gives me wireless status as well plus remote arming if I'm in wifi range).
Unless your ubiquiti hardware is a client you did nothing.
This is a client side vulnerability not AP side, and there's little that can be done on the AP to detect it (and unifi have said they currently aren't tackling that.
Too many people are installing AP updates and thing they've fixed it. Nope. You need to update every wireless client.
They're probably hardened against that, being $800 locks.
It's like being able to open padlocks with bits of beercan or pick locks in about 10 seconds flat (I've seen an electric lockpick in action.. 10 seconds is an outlier - it's probably quicker than using the key..). A *lot* of locks are just security theatre, but most burglars don't know that, and of those that do, they'll go after the easy ones rather than the hard ones, so all you have to do is make sure you don't get your lock from the bargain bin like your neighbour did and you're probably safe
I'm not sure their reservation system actually does anything.
For various reasons I needed an extra hard drive caddy.. could have got it next day from amazon but this couldn't wait, so I did a 'reserve' on the PC World website and set off up there... so arrived maybe half an hour later. It's a £10 fairly common item.. should be easy, right?
They had the reservation on their system, sure, but it took the staff completely by surprise that anyone would actually want to pick one up - it took multiple staff hunting around the back of the store.. I was stood at the till for another half an hour before they turned up with the caddy. I would have walked out, but needed the damned thing.
In my head a reservation would mean that a little thing would pop up and a minion would go to the right place in the stock room (catalogued.. if your'e searching for stock you're doing it wrong) and put it behind the till.. 2-3 minutes tops. That's clearly not what happens..
It also says a lot about how much verification was going on with the magstripes ie. none.
The longest I've had to wait was 30 seconds which is generally small shops with handheld cheap readers. In larger stores it's so fast I've got the notification the money has gone from my account before the receipt printer has finished printing.. it's sub-second.
I did wonder how people were quoting those repayment times.. I reliably calculate 20 years.. I did pay quite a bit more than they cost now, but I have the higher FIT to make up for it.
In practice the effect on energy consumption is minimal. They work during the day when I'm at work and the house is just drawing baseline, and don't work in the evenings when I'm at home and everything is on. Hence in practice they might have saved maybe £5 a month, except in winter when they rarely even generate baseline.
FIT is around £300-£500 a year. £8k initial cost. 20 years is about right. Not that I mind - those are the same calcs that I was seeing online when I initially bought them - wanted them because they're cool tech not because they save money.
It's an interesting problem. Triggering a warrant canary - even by inaction - could be considered informing the public, so in that case can the law compel someone to lie?
You could even contrive a warrant canary such that the only way to fake it would be to break the law. Can the law compel someone to break the law?
The problem is bank's ludicrously bad 'fraud detection' requires you to answer the phone otherwise they block all your cards because you apparently buying the same things you do every month is somehow suspicious.
You get a call from mumbai from someone with an accent so thick you can barely work out who they're from, demanding private information for 'security' and if you fail to answer correctly good luck spending any money for a whille.
It's a real concern. Banks should be hauled over the coals for it, as it not only encourages - even requires - behaviour that makes you vulnerable to fraud, they don't offer any alternatives - A simple text saying 'call the number on the back of your card' would suffice, but nope..
Yeah I don't really know how you enforce WAN access only... The windows device has the password. This must be reversible to work, so it's only a matter of time (hours, days) before you can download a tool that tells you the password which bypasses the restriction.
Also, how do you restrict.. I can't see it being particularly troublesome to bypass that. Once you're on the network you have access to that network - simple software blocks (under the control of the attacker, no less) simply won't work. You could simply dump all the now unencrypted traffic straight off the wifi interface & get loads of information.
Basically the password is tied to the BSSID. You have 100 friends, all the networks that they connect to will be stored on your computer somewhere with reversible passwords.
That's quite a lot of passwords.. and I reckon it'll be about a day before you can download a tool to print out all those passwords (and malware starts dumping it across the internet).
Problem is.. can you be certain that everyone who visits your house has it turned off? your kids' friends?
I'm hoping there's some network based countermeasure that can be put in place to block devices with it enabled, or at least block devices using it (those that have not legitimately been given the password).
At home I found freeradius an absolute pig, but the LDAP I have using FreeIPA which does the trick for home.
Most of my devices don't allow WPA Enterprise though... not even the xbox one which is fairly recent. Or chromecasts.. so I still need a password based network for those. I'll have to invest in other countermeasures to defeat wifisense.
I would really hope that it didn't apply to WPA Enterprise, otherwise it'll be sharing windows login details all over the place.
In small companies it's not uncommon to use a single password (smaller companies rarely have the requisite radius server setup or the experience to run one).
At home of course, it's all passwords. That said, from what they're saying you can detect wifisense users - it's saying they can't access local resources somehow.. in which case you can configure a network to break access for such users (for example redirect the first request outgoing to a local portal... if they don't click OK on that - which wifisense users won't be able to do - then no access).
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2020