* Posts by JohnG

1639 publicly visible posts • joined 27 May 2007

Smartphone industry is in 'recession'! Could it be possible we have *gasp* reached 'peak tech'?

JohnG

I changed my phone this year only because I wanted Galileo support (for professional reasons). If it wasn't for that, I would have continued to use my three year old phone, which was already a two year old model when I bought it. Non IT folk typically don't need to change their phones unless stolen or broken - five year old smartphones have decent cameras and can use popular apps for social media, navigation, etc. Some still change their phones only so they can be seen with the latest gadget but most seem to have realised that this is a mug's game and that a flashy but inexpensive phone case can disguise the model and age of their mobile.

If I can't tell the difference between 720p and HD video on my phone's 5.5 inch display, do I really need 2K/4K resolution?

JohnG

Re: Market saturated, no new must-have function, and prices are crazy

"How do you continue to use the phone when the battery is gone? Hold the wireless charger to your head?"

You can always pull the cable from the wireless charger and plug it directly into your phone.

However, if you use one of those magnetic mounts to hold your phone in the car, it will involve having a chunk of ferrous metal on the back of your phone or in the phone case. When used with a wireless charger, this will heat your phone, as opposed to charging it.

Apple's launch confirms one thing: It's determined to kill off the laptop for iPads

JohnG

Re: CAD ... is suited to being run in the cloud

"This means their IP doesn't have to leave the premises, and isn't stuck on an individual workstation inaccessible to colleagues."

...and their IP is not on any kind of device where the manufacturer's cloud storage is the operating system default - like an iPad, Chromebook, etc.

Florida man won't be compelled to reveal iPhone passcode, yet

JohnG

"What could possibly be the file that they want to access so much, and why is it relevant to a car accident?"

Video, taken in the period up to the crash?

The best way to screw the competition? Do what they can't, in a fraction of the time

JohnG

Re: "Ethernet is so much better"

When looking for something in my attic last year, I found a tool that was used to make the holes in 10base5, when installing a vampire tap.

Assange catgate hearing halted as Ecuador hunts around for someone who speaks Australian

JohnG

Soap opera

It is almost as if Assange and his hosts are creating an absurd soap opera, so that The Reg can write articles like this one.

Maybe Assange could do a new version of the video for the 90s dance track "Ecuador" by "Sash!".

Cops called after pair enter Canadian home and give it a good clean

JohnG

Friendly dog

"....the home had been left open so that the neighbour could walk the owner's dog."

The dog was apparently happy for two complete strangers to enter the house and clean it. Presumaby, the dog would have been just as happy if they had emptied the place of valuables.

Leaked memo: No internet until you clean your bathroom, Ecuador told Julian Assange

JohnG

"I don't think the Swedish prison was the issue rather the Swedish extradition treaty with the US."

But the US never charged Assange (what would they charge him with? - he is not a US citizen) nor have the US authorities presented an extradition request for Assange to any country. The UK's extradition treaty with the USA is at least as strong as the one with Sweden and Britain might be more inclined to go along with " extraordinary rendition" than non-NATO Sweden. While Trump has expressed in interest in Assange, Obama's administration did not. Had he resolved everything with Sweden at the outset (it seems likely that they would not have actually taken the case to court), Assange could be long gone by now.

Sure, Europe. Here's our Android suite without Search, Chrome apps. Now pay the Google tax

JohnG

Are the regulators also going to go after Apple for their search and browser offerings? I appreciate that Apple are the sole manufacturers of their own hardware, while many manufacturers use Android but the regulator's issue appears to be about end user choice.

If users in the EU/EEA end up without Google Apps, they might be able to flash their phones with a "European but not EU/EEA" build e.g. for Russia/Ukraine or UK.

Lawyers for Marcus Hutchins: His 'I made malware' jail phone call isn't proper evidence

JohnG

Re: Signed a Miranda waiver form after being read his rights

"Based on the evidence disclosed so far there's nothing to suggest Hutchins was involved in packaging and deploying Kronos."

If I understood it correctly, Hutchins was arrested on the word of someone who was caught with some of the money but got a plea deal i.e. the individual actually responsible for the theft/fraud will get less punishment than someone who at best, had mininal involvment.

JohnG

"Otherwise, the standard Miranda Warning is short and explicit, and probably comprehensible on about a grade 6 or better level, and enough like the similar warning given in the UK for Mr. Hutchins to understand it unless he was really quite impaired."

The UK's equivalent of the Miranda law was changed some years ago (thanks to Tony Blair) and there is a significant difference: in the UK, there is a right to silence but a court is allowed to assume something bad about anyone who exercises that right.

JohnG

"Miranda rights are not a secret code. "You have the right to remain silent" is about as clear as it gets."

For a British person that is not true. In Britain, we used to have something equivalent to Miranda rights but it was changed... Now people have a right to silence but if they exercise that right, this can be used against them in court.

What could be more embarrassing for a Russian spy: Their info splashed online – or that they drive a Lada?

JohnG

Re: Or

"What spy, or spy-wannabe, has only one set of ID?"

Having several sets of ID is useless if you can be found on a publicly accessible car registration database, because you chose to register your car at spy HQ, so you could get out of traffic fines.

JohnG

Re: Or

"It's a really good address to have when the ordinary Russian plod pulls you over.."

It's like a "get out of jail" card when driving in Russia but could be a "get arrested and deported" card elsewhere.

JohnG

Re: No need for Russia to be a part of the EU

"The spy only needs to live legally in the EU in order to get full protection under the GDPR."

Yes - but according to their car registration data, these alleged spies all claim to live at GRU premises in Moscow, which is key to the gist of this story.

Dutch cheesed off with Russians, expel four suspects over chemical weapons Wi-Fi spying

JohnG

Re: "Expelled" Not Held -- What?!?!?

"They get caught red handed, interfering with a legal investigation, and they were just let go?!?!?"

They were travelling on diplomatic passports, with all the privileges and immunities that such status affords.

JohnG

"One kinda wonders how exactly they were caught in the first place"

I suspect the Dutch would routinely keep an eye on new arrivals with diplomatic passports but in this case, they were tipped off by British intelligence agents that the OPCW and/or other bodies might be hacked. Quite how British intelligence agencies knew of this in advance is not known/stated.

Manchester nuisance-call biz fined £150k after ignoring opt-out list

JohnG

"...and to ensure the directors don't just form another firm and repeat the cycle – the government is planning to make directors personally liable for the fines.

I thought the whole point of the "Limited" in "Limited Liability" is that the liability of directors for their company's debts is limited to debts that have not been accrued through the course of normal legal business activities. When directors allow their company to do anything that is illegal, they can be held liable for the comany's debts and can be held personally responsible for any crimes committed/their negligence. Running a company that engages in making illegal marketing calls and then folding the company when a fine arrives from the regulator seem to be exactly the sort of things for which directors should be held liable.

New Zealand border cops warn travelers that without handing over electronic passwords 'You shall not pass!'

JohnG

Re: Have fun!

"I'm not telling you the code to unlock my phone..."

If you ever visit the UK, I would suggest you don't take that approach - it could land you with a two year term in jail.

Holy smokes! US watchdog sues Elon Musk after he makes hash of $420 Tesla tweet

JohnG

Re: 5 minute recharge time

"Electricity already has VAT paid on it."

Yes, although at different rates for commercial or domestic use.

"It's also impossible to charge duty on electricity used to drive a car without charging duty on other electricity. Electricity is electricity."

That is about to change... Part 2 of the Automated and Electric Vehicles Act 2018 is all about the charging network for electric vehicles. In addition to mandating the provision of EV charging points in new property developments, on streets, etc., the act also states that future EV charging points must be "smart":

Smart charge points

(1)Regulations may provide that a person must not sell or install a charge point unless it complies with prescribed requirements.

(2)The requirements that may be imposed under subsection (1) include requirements relating to the technical specifications for a charge point, including for example the ability of a charge point—

(a)to receive and process information provided by a prescribed person,

(b)to react to information of a kind mentioned in paragraph (a) (for example, by adjusting the rate of charging or discharging),

(c)to transmit information (including geographical information) to a prescribed person,

(d)to monitor and record energy consumption,

(e)to comply with requirements relating to security,

(f)to achieve energy efficiency, and

(g)to be accessed remotely.

i.e. They want to know (via remote access) how much energy is being used to charge an electric vehicle (because they will be losing all that fuel duty). They also want to be able to turn EV chargers off and on, presumably to protect the grid.

As the feed-in tariffs for solar panels are diappearing, I foresee a market for illicit solar panel and/or home battery storage setups, where EV owners will charge their vehicles without paying the relevant tax. Unlike red diesel, the government can't put a dye in the electricity.

Fancy Bear still Putin out new modules for VPNFilter malware

JohnG

Re: Some devices are unpatchable.

Some may be able to find some open source firmware for their device but this is not a solution that normal users are likely to take. Most normal users just use their devices, rarely/never check for firmware updates and don't read articles about network device vulnerabilities.

Office 2019 lumbers to the stage once more as Microsoft promises future releases

JohnG

Re: Classified and commercially sensitive documents?

"This allows us to ensure documents and emails are encrypted at rest and in transit and when we're talking about documents stored in the cloud we have BYOK (bring your own key) and shortly HYOK (Hold Your Own Key) encryption facilities, this is all baked into Azure"

That's nice but to give an example of the problem, EU classified documents may not be transported or stored outside the EU, even if encrypted. Even if Microsoft promise to only use cloud storage within the EU for certain customers, once the data has left the customer's site, how can they be sure? After all, governments and companies in several European countries have been the subject of spying by US intelligence agencies, despite being allies.

JohnG

Classified and commercially sensitive documents?

As Microsoft push users to use their cloud, what is the situation with sensitive documents e.g. classified or with commercial secrets? Can users be sure that copies of their documents are only stored in accordance with their organisation's security policy or their country's national security legislation?

Microsoft pulls plug on IPv6-only Wi-Fi network over borked VPN fears

JohnG

Re: It’s not going to happen

"Most things are on IPv4, but there are some IPv6 only things out there..."

Like what? Nobody is going to put their stuff only on IPv6, except those trying to make a point about using IPv6, for the simple reason that they don't want to risk being invisible to the majority of Internet users. And until there are enough useful things only available on IPv6, very few people are going to bother with IPv6.

The majority of Internet users wouldn't care about not having a unique IPv4 address, even if the issue were explained to them.

Euro bureaucrats tie up .eu in red tape to stop Brexit Brits snatching back their web domains

JohnG

.ue ?

Given that English will no longer be an official language of the European Union after Brexit, one would have thought that the EU would want to grab the TLD ".ue", corresponding to "Union Européenne"

2-bit punks' weak 40-bit crypto didn't help Tesla keyless fobs one bit

JohnG

The simpler translation is that nobody will lend the researchers a horse, sorry, McLaren, to hack.

JohnG

Re: Would have been nice to target the right manufacturers El Reg

"Nope. Fair game. Tesla, which claims to be being "disruptive" by running an auto company like a tech company, should have known better than to use a 40-bit key in the first place."

Tesla didn't use a 40 bit cipher, Pektron did. Tesla bought a keyless entry system from Pektron but Pektron had used a 40 bit cipher (which is why the same problem is thought to exist on other cars using keyless entry systems from Pektron). In retrospect, perhaps Tesla should have checked what they were buying more carefully.

JohnG

Re: Would have been nice to target the right manufacturers El Reg

Yes - in particular, Pektron should be asked to explain their design choices.

JohnG

"Even if your Tesla get stolen, it has a high probability to be returned to you. I read 113 out of 115 Teslas stolen in the US were returned."

The situation has been a bit different in Europe: There was a spike in Tesla thefts in summer 2017, with cars disconnected from tracking and mothership.tesla.com at about the same time they were stolen... and they were not subsequently recovered. In the same year, a Lithuanian man was arrested in Germany, when the lorry he was driving was found to contain major parts from a Tesla stolen in the Netherlands four days before.

JohnG

Pektron

Whilst Tesla seems to be getting all the flak, their major failing seems to be not checking what was being supplied by the OEM, Pektron - here in the UK. What does Pektron have to say about this fiasco?

UK networks have 'no plans' to bring roaming fees back after Brexit

JohnG

At least two UK networks were offering "no roaming" deals in several countries in the EU and elsewhere, some years before the EU decided to impose their directive on the matter. Three is currently offering their "Feel at Home" deal in 71 countries (including EU27) - it seems unlikely they would want to reduce this number to 44, purely because of Brexit. The driver for these deals is competition, not the EU's directive.

Roskosmos admits that Soyuz 'meteorite' hole had more earthly origins

JohnG

Bung

Presumably, the ISS has a tin of assorted bungs, to fill such holes. However, I guess it could be tricky procuring bungs - When a ROSCOSMOS or NASA procurement guy says "I need some bungs", the suppliers might get the wrong idea.

JohnG
Coat

"contract expiring in April 2019" = Brexit

"Russia has warned that its days of being a glorified (and pricey) Uber for NASA's astronaut corps are coming to an end, with the current contract expiring in April 2019 and no new seats on the horizon."

Will the fallout from Brexit never end?

Mikrotik routers pwned en masse, send network data to mysterious box

JohnG

SNMP

"....the controller oddly seems to be interested in collecting traffic from the relatively obscure SNMP ports 161 and 162."

One possibility is that there is some other exploit in the wild, that transfers information using SNMP, on the basis that SNMP packets to and from almost any device would not be considered out of the ordinary and would be unlikely to trigger an IDS/IPS.

Anon man suing Google wants crim conviction to be forgotten

JohnG

Re: Let me get this straight...

"Every case should be taken on it's own merits and while I agree they shouldn't be setting up an investment business that depends on what they were convicted for in the first place."

Sunlight is a good disinfectant. Let investors have the facts and decide for themselves whether someone's conviction is relevant. If I were an investor with this guy, I would be more worried that he has represented himself in court and managed to accuse the wrong company, using a defunct company name. He seems to be out to prove the quote: "A man who represents himself has a fool for a client".

IBM slaps patent on coffee-delivering drones that can read your MIND

JohnG

Re: What could possibly go wrong?

"Swap Coffee for Beer and this could work wonders at a large music festival."

Then some folk will start fitting hooks and nets to festival flag poles, others will bring catapults,....

Nork hackers Lazarus brought back to life by AppleJeus to infect Macs for the first time

JohnG

Re: Trojans, again

"I just Googled 'Celas Trade Pro'....."

If you try those searches again but with results from any date older than two weeks, you will see nothing about hacking, trojans or stolen cryptocurrency. It is so easy to be clever with hindsight.

One of the problems with cryptocurrency mining/trading apps is that many AV products will mark all of them as malware.

How's that encryption coming, buddy? DNS requests routinely spied on, boffins claim

JohnG

DNScrypt

Dnscrypt can mitigate the problem of interference by a local ISP. It may not be ideal but provides a workaround until a better solution is found/implemented.

London's Gatwick Airport flies back to the future as screens fail

JohnG

Re: "no redundancy in the internet link"

"...the smartphone they are holding. You can absolutely use it to whine and wail on Twitter, or... I don't know... maybe look up the gate information on Gatwick's website?"

Reports elsewhere indicated that updates to Gatwick's mobile app were affected by the same fibre outage. It seems that the design was engineered to fail comprehensively.

Prof claims Lyft did a hit-and-run on his ride-sharing tech patent

JohnG

Re: Also Known as ....

"That has *nothing* to do with GPS, a technology that wasn't commercially available until about 2000."

Somewhere in a cupboard, I have a Garmin GPS 12XL, that I purchased in 1998. However, Garmin's first handheld was the GPS 50, which was released in 1991.

I predict a riot: Amazon UK chief foresees 'civil unrest' for no-deal Brexit

JohnG

No more invoicing from Luxembourg

Amazon has just woken up to the fact that, in the event of a no deal Brexit, they will no longer be able to invoice from Luxembourg or Ireland, when selling goods within the UK. This would mean Amazon would have to pay rather more tax on their UK turnover/profits than they do now.

UK spies broke law for 15 years, but what can you do? shrugs judge

JohnG

Re: Protection racket

"Who protects us from our self-described "protectors?" Apparently, no one."

This is a very old problem - Quis custodiet ipsos custodes?

JohnG

Re: I would hardly expect precise targetting

"with the amount of dipshittery that goes on in Westminster, I would argue that they should, just in case said idiot walks down downing street waving at the photographers with 50mpix cameras focused on the documents on show detailing the terrorist targets they are about to round up.....

and its no joke.... its already happened at least once ..."

But that judgement is not within the remit of the intelligence agencies or other civil servants. For better or worse, we have a democracy and the civil servants work for the government, not the other way around.

British intelligence agencies have form for getting way out of line: MI5 spied on Harry Wilson when he was prime minister, because they believed him to be too left wing and possibly in contact with the KGB.

Galileo, here we go again. My my, the Brits are gonna miss EU

JohnG

Re: Fgs

"The EU has free trade agreements in place with 72 countries representing 75% of global trade."

Are you sure? I counted 35 FTAs in force and those include territories like "Akrotiri and Dhekelia" (British bases in Cyprus), "EU's Overseas Countries and Territories", "Palestinian Authority", etc. There's no way that these 35 add up to 70% of global trade. I'm fairly sure that the trade of USA, China, Japan and Hong Kong add up to over 25% of global trade and the EU doesn't have FTAs with any of them.

JohnG

Re: NATO... And the German car industry.

The fundamental problem with using GPS for anything important is that it is a US military system and the US government/military may decide to turn off the commercial signal locally, regionally or globally, to mitigate some perceived threat. The same can be said of GLONASS.

Creep travels half the world to harass online teen gamer… and gets shot by her mom – cops

JohnG

Re: Now he can get a tattoo, "Shot by the Mom!"

I think he is more likely to end up with tattoos indicating that he is someone else's prison bitch.

JohnG

Re: Isn't he supposed to be ...

The cops have already said there may be additional charges, on top of "breaking and entering with a deadly weapon with the intent to commit rape, robbery or murder". As I understand it, this is a Class 2 felony in Virginia and could carry a sentence upon conviction of 20 years to life and a fine of up to $100,000.

National ID cards might not mean much when up against incompetence of the UK Home Office

JohnG

Residency registration and national identity cards

There are two issues: identity cards and registration of residency - the UK has neither. In many other countries, in Europe and elsewhere, citizens and other residents are required to register their address with local authorities, within some period since moving in (usually, within three months). Not registering is seen as tax avoidance.

Similarly, national identity cards are often mandated in many countries, often with a requirement to produce ID on demand. ID is typically also required when signing up for a mobile phone, opening a bank account, registering a car, renting or buying a property, etc. When done without the sort of draconian nonsense attempted by UK government, ID cards can be quite useful.

Whilst not having residency registration in the UK seems like freedom, it can be a problem if you ever need to prove your residency in the UK for tax/pension purposes, entitlement to free non-emergency NHS treatment, etc. For immigrants, trying to prove the duration of their residency to establish their right to permanent residence or to British citizenship, it is a mess: The Home Office don't have a definitive way of proving residency and historically, they have rejected documentation that courts have subsequently declared as being conclusive.

Personally, I would quite like to see the UK introduce simple national identity cards (without all the draconian nonsense of previous attempts). I think registration of residency for everyone is essential, regardles of the ID card debate.

Um, excuse me. Do you have clearance to patch that MRI scanner?

JohnG

Re: obvious solution ...

Some of a hospital's systems may need access to the Internet but certain pieces of equipment then need to be isolated, perhaps even standalone. However, as Stuxnet demonstrated, isolation is not a panacea for all security issues.

Meet the Frenchman masterminding a Google-free Android

JohnG

LineageOS

Probably best to start with LineageOS (forked from Cyanogen) and talk with the folk developing it. Then there's XDA Developers.