* Posts by Uplink

185 posts • joined 7 Apr 2010


Teen bought Google ad for his scam website and made 48 Bitcoins duping UK online shoppers


Is that all it takes?

I should start a website like that for a short period, but you know, hide my tracks much better. Redeem vouchers with his own account? A newbie mistake.

Disclaimer: your honour, I made this comment hypothetically. If I were to actually go into cybercrime, I wouldn't brag to anybody, much less a public forum on the Internet, surely.

US nuke sub plans leaked on SD card hidden in peanut butter sandwich, claims FBI


Was mega.io (accessed via a VPN, Tor, behind 7 proxies™) too untrustworthy compared to a physical drop location? What a waste of a sandwatch.

Samsung to sling 2nm silicon in 2025, 3nm process running a little late


Re: What does "X nm" actually mean now?

Following your nice description, I guess processor manufacturers should have continued with the GHz numbers without actual GHz in the processor. We'd be at 20 GHz on a 1.5 GHz processor by now, if I'm guessing correctly.

UK umbrella payroll firm Giant Pay confirms it was hit by 'sophisticated' cyber-attack



I'm guessing that their "senior" Laravel "developer" didn't bother himself with junior-level stuff such as "syntax" and "preventing SQL injections", and "concerned themselves with the bigger picture"

I'm channelling some anecdotes I got from a friend who is conducting hiring interviews and so far has rejected all the "senior" developers that came his way, with one of them saying more or less what I said in the first paragraph.

Story of the creds-leaking Exchange Autodiscover flaw – the one Microsoft wouldn't fix even after 5 years



I would like to chime in and say that this problem isn't really a problem. Stop bothering me and my company.

Bill Gates

Lagos, Nigeria

Sent from my iPhone.

Fukushima studies show wildlife is doing nicely without humans, thank you very much


A quote from some guy who uses this development in support of his policies:

"Kill all humans!" - Bender "Bending" Rodriguez.

Three million job cuts coming at Indian services giants by next year, says Bank of America


New industry boost: scam calls

Is this part of the reason why calls about my national insurance number and getting warrants in my name have jumped in frequency? They want to show us that they'll take BoA's money one way or another?

Arm pulls the sheets off its latest Armv9 architecture with added AI support, Realms software isolation



Well... The core is still RISC, and it's all about modules added to it. The instruction sets of each module may also be relatively reduced in size. Maybe we need a new term: Modular Instruction Set Computer - MISC.

Intel keeps adding instructions to the main instruction set (but pretends to be modular by giving each addition a new label), because backwards compatibility. ARM is just pick and mix - make it as reduced or as complex as you fell like. I think RISC-V adopts this philosophy too.

One could think of this as having a lot more coprocessors than just a math one.

The wrong guy: Backup outfit Spanning deleted my personal data, claims Cohesity field CTO


Limits not imposed

Basically they didn't write any code to display errors when you reach a limit, but they're keeping an eye on it, likely with an excel sheet emailed to some higher up once a month. Then they store your data in /dev/null for free.

No phish for the likes of you, thank you very much! Google finds email villains are picky about demographics, country


Who gets the least?

If I "move" to Nigeria will all spam disappear?

Project Ticino: Microsoft's Erich Gamma on Visual Studio Code past, present, and future


They'll make their own UI framework. With blackjack. And hookers.

Linux maintainer says long-term support for 5.10 will stay at two years unless biz world steps up and actually uses it


The part that's new to me is "talking to some companies". Sounds like the complainant, or even Broadcom itself, isn't in the loop about LTS.

There should be a policy prominently displayed (like an asterisk and a footnote) that says "we can go to 6 if enough people sign up", as this exchange seems to indicate the policy isn't clearly indicated.

Smartphones are becoming like white goods, says analyst, with users only upgrading when their handsets break


Breakage as a feature

I'm not a Samsung fan, but I got a Samsung phone now after Google kept making the call volume go really low after a while on their phones and their suggestion was to clean the ear grid - done it, no effect.. Dudes, what?

Samsung also flipped a flag in an update and made my Dream View stop working (just another Samsung thing to do), but while annoying, I can live with it.

Cruise, Kidman and an unfortunate misunderstanding at the local chemist


Just a murder

One of the customers of the tiny ISP I was working for had been murdered. My phone appeared in the call logs, so I was cordially invited to the police station to ask me about my whereabouts. They asked if I had had a call with the victim, but I totally forgot I did, and I said no. That prompted them to call me in again (somehow they didn't know about the call the first time, so I got to walk home across town only to be asked to walk back), and be accused of lying. Then it dawned on me that about half a year before I received one call from the victim about his Internet access. We never met in person. And when I mentioned that to the cop he appeared surprised that it was so long ago.

I'm guessing they were experts in murder investigation if it took me two trips to the station for them to find out those crucial details.

Apple appears to be charging Brits £309 to replace AirPods Max batteries, while Americans need only stump up $79


You know nothing

Apple are just trying to do their part in supporting independent repair shops. Having a high price means you'll go to your local shop instead, supporting the local economy.

/sarcasm of course

On the 11th day of Christmas TalkTalk took from me... the email address of my company



Gentlemen and yahoo boys! Phishing poles, nets, and spears at the ready! Set! Go!

Mysterious metal monolith found in 'very remote' part of Utah


Remote location

Remote location where one can get stuck even if they know the area, but somebody managed to get a big chunk of steel up there unnoticed and get back out without asking for help. Yeah, sounds legit.

Amazon's ad-hoc Ring, Echo mesh network can mooch off your neighbors' Wi-Fi if needed – and it's opt-out


Imagined in a court of law

"It wasn't rape your honour. She didn't say yes, but she didn't opt out prior to the event in question, so it wasn't an explicit no either"

Headline: Dude walks away after justifying non-consensual sex act using consumer marketing law. Mass opt-out from women across the country. Congress considering law to make opting out harder.

Breaking news: Dude from previous story found dead, apparently because he didn't opt out of being murdered. Apparently his balls were cut off and he bled to death. Blunt pair of scissors found nearby. Testicles still missing. Here's a picture of them. If you see them, call the police immediately.

Frenchman scores €50k compensation for suffering 'bore-out' at work after bosses gave him 'menial' tasks


I'd like to do nothing and get paid

Interesting... So all I have to do is go to France, get a job just before a recession, and then get paid for browsing the Internet - for my world domination plans.

Microsoft warns against SMS, voice calls for multi-factor authentication: Try something that can't be SIM swapped


Drop all that

Authy user here, because of the convenience of SMS, with the knowledge that the private keys are mine. It survives across resets, and I can satisfy my ADHD by having it on multiple devices easily.

Ideally, SIM swapping should be fixed.

Getting an SMS to show that I'm in possession of my phone is very convenient, and it seems easy to implement at the login provider end even when they have code monkeys (a totally different security issue altogether)

It also works on dumbphones, for those who don't want to be tracked by Zucky, Gates, et al.

It is universally understood by people who otherwise don't know their Google from their Facebook.

The processes and PSAs should be as simple as a 5 year old can understand ("don't talk to strangers who call you out of the blue claiming to be from your bank, phone company, utility, dentist, child who's had an accident, investor who has the latest scheme to make you money, etc.) and the professionals can stand behind of.

Linux 5.10 to make Year 2038 problem the Year 2486 problem



Sounds like Oracle hit a problem with timestamps set in the future already and needed a quick fix, but didn't want to waste precious disk space either.

This should be taken as one of the first signs that this problem is starting to rear its ugly head and can't be put off much longer for software and structures that have't been updated to use 64-bit time yet.

UK tech supply chain in dark over Brexit preparations months ahead of final heave-ho


Have you tried believing?

Just believe in Brexit. That's all you need. Then you won't have any more worries that things go to hell, and you'll just get to be surprised beyond belief when they do. Much less mental effort, and you get to enjoy your pint in peace.

Apple takes another swing at Epic, says Unreal Engine could be a 'trojan horse' threatening security


Did Google back off?

The Apple saga may take a while more to develop, but did Google back off on this?

I'm asking because I see that Tinder is offering direct CC payments for their wares at a discount on Google Play, but not on Apple App Store.

Yet Epic's stuff isn't back in.

Better Java than Java: Kotlin 1.4 introduces new compilers for JVM and JavaScript


Kotlin 1.4 Intermediate Representation

First, XKCD: https://xkcd.com/927/

What I'm thinking in relation to the XKCD is that the 15th standard is not a competing one, but one that deploys to any one of the other 14 as needed. It may become _the_ standard later, after nobody cares about the other 14 anymore, just like barely anybody cares about Assembly language and CPU instructions when developing software these days.

Then the crazy happens: Somebody develops standard 16 (rather than patch 15), the maintainers of 15 make it deploy to 16 as well, and the ones of 16 deploy to 15... And the winner is declared in a tug of war, not dissimilar to Betamax vs VHS, DVD-R vs DVD+R and HD-DVD vs Blu-ray.

I got 99 problems, and all of them are your fault


Irreversible coincidences

It's ever so lovely when you fix one tiny thing and everything breaks. And then you revert the tiny thing and everything is _still_ broken. After you investigate the borkage, you end up with this question: How did this work in the first place? That's when I declare whiskey o'clock.

Gone in 15 minutes: Qualcomm claims new chargers will fill your smartmobe in a flash


Dual battery technology

Well, I was wondering why they're not making battery packs of smaller batteries, and charge them at regular speed but in parallel. 10 cells of normal batteries, charged at regular speed, but with a result of 10 times less total charging time?

I can imagine that 10 cells that heat up at regular speed produce 10 times the heat too, and give you the Galaxy Note 7 experience. Yeah, that could be a problem.

You're testing them wrong: Whiteboard coding interviews are 'anti-women psychological stress examinations'


So that's why I didn't get that job...

I had a whiteboard interview once. I was relaxed throughout. I believe I answered all their questions, but I didn't sweat one bit. I guess I failed the most important part then. Everything they asked me I had done on the job in the past, with some even fresh in my memory from the job I was leaving.

That, and the fact that I really didn't want to be in the office at 9 sharp given that their answer to "how often you guys do long hours" pretty much amounted to "it's rare when we leave on time"

'One rule for me, another for them' is all well and good until it sinks the entire company's ability to receive emails


Poach me! Poach me!

I'd love to be poached and be paid to sit out my non-compete. And when that runs out, I want to be poached again! And again!

What do you call megabucks Microsoft? No really, it's not a joke. El Reg needs you



They sell windows and charge an arm and a leg.

Image-rec startup for cops, Feds can probably identify you from 3 billion pics it's scraped from Facebook, YouTube etc


Insane Clown Posse

How well does it work with Juggalo makeup? Expect a steep rise in users if this takes off.

The Curse of macOS Catalina strikes again as AccountEdge stays 32-bit


"We have enough money"

"Yeah... Pay developers for a rewrite you say? The alternative is that we lose the cash cow you say? Yeah, let's go to the beach we have enough money"


The lawyers got a similar experience with GDPR, so it's not unheard of.

Eggheads have crunched the numbers and the results are in: It's not just your dignity you lose with e-scooters, life and limb are in peril, too


Re: Elbow, and not electric

Nope, I was about 9 months younger than when I wrote the comment. Age: 36. The surgeon said my healing is quite good compared to the average (hey, does anyone want to research my genome to see if I'm special?)

They say specialist surgeons (elbow in this case) have much better results than general surgeons because they know much better how to put the bones back together rather than randomly glueing them together and calling it a day.


Elbow, and not electric

Meh, I injured myself the old school way: kick scooter (i.e. I was the engine), hit a kerb with my front wheel, flew like Superman, did a screw through the air, landed on my left elbow (dislocation and terrible triad injury). Helmet wouldn't have helped me :)

Cause: good old speed (the m/s kind, not the kind mentioned in the article) and lack of judgement

I was seen by an elbow specialist and my healing is astounding after 9 months. Very little loss of range of movement.

No horrific butterfly keys on this keyboard, just you and your big, dumb fingers


How about a Magic Leap?

It's a heck of a lot of work, but just make the whole computer virtual. Put your Magic Leap on (hopefully you get a future version with better field of view), look at the table, ta da... fully working laptop or desktop computer.

And you get the same inability to touch type as with this invisible keyboard.

No wonder Bezos wants to move industry into orbit: In space, no one can hear you* scream


Re: Rocketry

Reminds me of Manna by Marshall Brain https://marshallbrain.com/manna1.htm so maybe Bezos read that and thought "what a wonderful idea"

Interpol: Strong encryption helps online predators. Build backdoors


Re: Or I dunno...

So something like this, really: https://www.unseenuk.org/what-we-do/Helpline-&-Resource-Centre

We are absolutely, definitively, completely and utterly out of IPv4 addresses, warns RIPE


Yo, Vodafone

I'm on Vodafone fibre. No IPv6 yet or even planned. They did find time to send me a new router that my laptop doesn't like though.

Three UK does it again: Random folk on network website are still seeing others' account data


Low data notifications

Is that why Three is texting me that my data allowance is low? I mean, I only have 1.6 GB left out of my 2 GB, and to some people that might be low, but come on.

Several months after the fact, CafePress finally acknowledges huge data theft to its customers


Don't roll your own security

"why passwords were not properly encrypted" - because nobody checked the code, and they rolled their own security module?

The security module developer might as well have been a contractor too, and then the motto of "it it ain't broke don't fix it" was applied. I mean, it was working, right? No need to look into it to see how it does it - no time for opening cans of worms.

This usually involves using a framework that provides pretty much all the scaffolding you need and lets you focus on your business logic. Don't roll your own framework either.

Clutching at its Perl 6, developer community ponders language name with less baggage


Choose your appeal and thus success

Camelia is a nice, pleasant name, and it can draw people in via the sexual-emotional route.

Raku can bury the language.

Technical merits? They don't matter that much. Would you rather tell people that you do Camelia or Raku? Sounds to me like I'd rather admin to writing Perl than Raku.

Wait a minute, we're supposed to haggle! ISPs want folk to bargain over broadband


Penalising loyal customers - helps competition?

Regarding that super-complaint:

I'm not in any way an expert in economic competition, but doesn't this "penalty" help competition (when people switch frequently), while removing it can create a few big players because people are too comfy to switch or "haggle"?

(It's not really haggling. It's just asking "I can haz discount?" They already have a list of approved discounts on their wall for those who ask)


If they have discounts available they'll give them to you if you ask. If not, they won't

Sometimes haggling is immediate, other times it takes them 3 days to get back to you.

This time around I didn't need to haggle with Vodafone. They were happy to "upgrade" me from my old plan (30 quid/month) to a new 18 month contract at the same speed (the maximum available on VDSL), plus a new router (23 quid/month list price). There was Sky cheaper by one pound, but I didn't think it was worth it to switch just for that.

But in the past I got Virgin to give me a kicker of a deal by rejecting all their discounted offers that were undercut by regular providers. They came back with an offer I just couldn't turn down: more speed, less cost than everyone on the market at that point.

My MacBook Woe: I got up close and personal with city's snatch'n'dash crooks (aka some bastard stole my laptop)


Kensington lock steel cables to be provided in coffee shops

It looks like coffee shops should start providing ready-to-use Kensington lock steel cables.

It should be already built into the table so you can just lock your computer when you sit down, without fondling with your own. These shouldn't necessarily need a key, as they're not supposed to be used to leave your laptop unattended, but to slow down any theft attempt enough to headbutt the douche.

A knob that can be pushed once to lock but needs to be twisted three times to unlock could do the trick.

Meet ELIoT – the EU project that wants to commercialize Internet-over-lightbulb


One way?

OK, so you use lights to transmit data to the devices, which presumably will get quite of bit of the data through reflections. How do the devices send the data back to the light fixture? Signal shadows/eclipses are a lot more likely when you're hunched over your laptop.

I have this feeling we'll get a "dongle" that sticks out so it can see the light bulb.

Low Barr: Don't give me that crap about security, just put the backdoors in the encryption, roars US Attorney General


Re: Outlaws

(going offtopic here)

Oh, this epiphany just in: if only outlaws have guns, then the end result is that unless there are many outlaws out there then the number of guns on the streets will dramatically reduce, and so will gun crime as now guns and bullets are a luxury.

I wonder what the gun nut counter-argument is to this logic (besides yelling "2nd amendment!", which is a right, not an obligation, and can be withdrawn if the people agree).

Not the same could be said about outlawing encryption though. The outlaws with encryption might get even more empowered compared to the ones with guns.


I have a solution

Mr Barr,

Just have the apps send the messages twice: once encrypted end to end - to keep the regular hackers away, and once encrypted with government keys - to keep the government hackers in the loop. It won't be a secret that you are spying on people, but that's not important.

Keep the government keys in a secure offline vault, under armed guard. Log everyone who checks them out, and the warrant that allows them to do so. Only allow the keys to be used inside the secure facility on a network that isn't connected to the Internet (although you're allowed to use VPN to scale out around the country).

Everyone entering and exiting the facility will have to get butt naked and get every orifice check both going in and going out. Only authorised devices past this point.

Impose fines on anybody who doesn't have this simple^W very complicated and very well thought backdoor in their app.

Possible bug: there's no guarantee that the message encrypted with the government key is the same as the one encrypted end-to-end, and no way to check either.

That will be $10M plus relevant taxes. Thank you.

An Armchair Internet Security Contractor

Brexit? HP Inc laughs in the face of Brexit! Hard or soft, PC maker claims it's 'no significant risk'



"We think our competition will get shafted enough that we can use our current level of operations to fill the gap left by them when they go bankrupt". Brexit will be just fine...

Not very bright: Apple geniuses spend two weeks, $10,000 of repairs on a MacBook Pro fault caused by one dumb bug


I had a laptop where Fn+C would disable the touchpad.

I use the Linux Terminal a lot, I touch type, and Fn was next to Ctrl. It took me ages to understand what was happening.

This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already


What took so long?

I remember reading a very long time ago the article that said Debian disabled mode lines because they could be used to execute arbitrary commands just by opening a file. That annoyed me, because it disabled all the other nice stuff modelines provide: setting the spacing and filetype for syntax highlighting was very useful.



Biting the hand that feeds IT © 1998–2022