Posts by alain williams

Fuck off Pompeo

The UK is a sovereign state, we make decisions according to our own interests. We do not want to be bullied by another country: especially one that is wrapping up their commercial interests as a security issue.

I believe that Pompeo is trotting out this fake news on behalf of Trump - someone who shows no restraint on lying to get what he wants.

Please fix the proven spying in kit made in the USA before you complain about unproven spying in kit from elsewhere.

Too much damned javascript ...

noscript blocked about a dozen sites ... I enabled RedHat & a few and still nothing of interest showed.

I'll wait until details come out elsewhere rather than submit to whatever collection of tracking they are using.

Bringing MS Spyware to Linux

As I see it this is the Linux kernel running under a MS hypervisor. This means that the MS kernel sees everything that goes in & out of the Linux kernel and is so available to be slurped up and exfiltrated via telemetry. MS can then inspect/sell as it wants. Your Linux system is now not secure.

You might think that this would be hard to do; but one of the most sensitive devices is the keyboard (think typed passwords). Snooping of this would be easy and the bandwidth needed to take and forward to the NSA would not be large.

So: do not use one of these machines to ssh to something precious.

Oh ...

I can see all sorts of adverts down the side of El-Reg pages ... never seen them before!

It actually feels un-nerving to know that I am leaking all sorts of info as no-script, cookie-auto-delete & others are not protecting me :-(

Time to get a Theresa May face mask

Police are also continuing to build giant databases full of biometrically scanned images of innocent people’s faces

and walk round various shopping centers.

The USA wants Assange for what he did

please remind me if they have been after those who Assange exposed for doing wrong; eg the helicopter crew who laughed while shooting innocent people ?

This is a case of 'shoot the messenger' - there is a clear message to other who might expose USA wrong doing.

This only shows to not trust USA intelligence

If they blab this probable bollocks about Huawei how much trust should we give to anything else that they say ?

What have we had: hacking from North Korea, Putin meddling in USA elections, Kaspersky Labs spying for Russia, ... ? I offer no opinion on any of these, but I down rate what the USA claims.

Of course, they say nothing about: Cisco routers tampered by the NSA and don't ask questions about what Microsoft telemetry is really about.

Sky been taking lessons from Microsoft ...

push out updates without adequate testing ?

No underwriters - no fat fees for bankers

I don't see a problem with that.

Very lacking in specifics ...

What operating systems, version; what PDF readers, etc ? Some details as to where holes have been found in the last year or few.

Eg: is MS Windows 10 any better than 8 ? What versions of MacOS ? What Linux distros ? Or do they assume that everyone runs MS Windows 10 ?

OK: can't predict the future, but knowing what has been vulnerable in the past can suggest what to avoid.

''deleting the illegally collected details''

They might even do so, in an unusual fit of honesty; but what they will not do is to delete the social graph/connections that they have learned as a result - this is what I would like to see deleted.

Maybe punishment should be that Zuckerberg's address book should be made public, see how he likes that. Although that would be unfair on those who are exposed as talking to him.

If Morrisons is liable for what an employee did ...

then is the USA Commander in Chief (currently one D Trump) liable for what was released by Chelsea Manning ?

Fuck off USA

That is the only possible reply to a bully; then the rest of us refuse to share security data with the USA.

This seems to be as much about economic competition that security/spying.

It seems that the quality of Huawei code is poor, but that is a different/unrelated topic and seems no worse than the code in their competitors' kit.

Is this the best that the USA can come up with ?

We all know that the USA wants to lock Assange up for as long as possible to frighten anyone else who is thinking if lifting the lid on unsavory actions done by (or on behalf of) the USA. This is all about punishing the messenger, not the guilty.

If they do get their hands on him: he will not get a fair trial - so the UK should refuse to extradite him.

It will be interesting to see how supine our politicians are ... yes, yes, I know that the judges will supposedly make the decisions, but it is likely that they will be heavily leaned on. I wonder what the deal will be ? Give them Assange and we won't need to take chlorinated chicken in a post Brexit trade deal ?

BTW: have any of those troops shown shooting up innocent people yet been put on trial ?

Does he yet have a ticket to the USA ?

This is what he was afraid of: the USA, somehow or another, finding a way of getting him over the pond. Once there he would likely spend a very long time in chokey, on some pretext of another. The real reason is that he embarrassed the USA by exposing things and some there want revenge.

I know places still installing them ...

It is quite fortunate that none of them are places where you need to worry about security; eg: ATMs.

HMRC taken advice from Microsoft ?

Just implement stuff and get the users to test it for them.

So this has nothing to do with ...

a more favourable tax regime in Eire ?

Did these companies also report like-for-like comparison ?

All that the median number tells us is how many men/women go for the higher paid jobs or work longer hours - which, to an extent, is up to the individual. There might be some prejudice in the hiring and promotion of people, that will be harder to flush out as it will need careful analysis of the decisions made that result in a job offer or promotion.

A like for like comparison (ie job rôle, experience, hours worked) will tell us if there is real wage discrimination - this difference should be zero.

The next target ...

should be those web sites that ask you to opt OUT of receiving spam, etc. My understanding is that these should be opt IN.

Many do this, but start with Ryan Air.

Why have HMRC given my tax records to the USA government ?

If all that data is held by Amazon, a USA company subject to USA laws, then how long before the NSA/CIA/... issues them with a National security letter demanding a slurp of all UK tax data.

How can they be so stupid ? Or don't they care ?

All this brouhaha about Huawei and we just give it to the USA!!!

Please can we have a real speed metric

CPU clock does not tell you a lot. Different chips have different numbers of processors. Different processors do different numbers of IPCC (Instructions Per Clock Cycle). Different Instruction sets do different amounts of work per instruction (think: RISC/CISC, or x68_64 vs ARM vs MIPS vs mainframe ...). See here.

Work done is the only real metric. Something like SPEC is a good starting point. OK: different types of work load use the CPU in different ways so SPEC is not always that good, but it is a much better metric that clock speed.

This will make it harder for the journalists as vendors like to quote GHz as it is easy and many people don't know better. But most el-reg readers do know better ... so, please, can we have something more meaningful.

Just crap software

Another example of crap software talked about y/day. I doubt that Huawei is worse than many vendors who ship other closed source on their kit. Huawei sells hardware, the software that makes it work is just an inconvenience and so will put as little effort (== cost) into it as it can get away with.

BTW: some will claim that this is an example of Chinese government back hole in Huawei kit; possible but I doubt it.

When the data breach happens ...

which, and how many, government minister's wife/husband will have been found ogling skin ?

Or fleece for the Welsh Assembly.

What a stink over a bully!

I hope that the court case clears the air.

It also seems that the astronauts ...

have the right to repair their kit. Hopefully this will be one of the spin off benefits from the ISS.

Thumbs up to the Reg hack

that dug up that Pinocchio in a suit image!

Buy Huawei kit - install the open-source Network Operating System

They have the hardware that we need; just replace the firmware with something that we can trust.

(Assuming that the spyware was ever much more than smoke rings puffed from Trump's commerce department that Supports USA companies.)

How much is the Welsh gov't being paid ...

to take on some of the function of the MS marketing department ? Pushing this stuff to school kids thus ensuring that it is what they will expect to use when they enter employment ... and complain if given anything else.

Oh, you mean Wales is paying MS, not the other way round !!!

Education should be about teaching kids how to use computers and a variety of software products.

Training is teaching kids to use one product.

How low our education has slumped.

Where else will this apply ?

John Deere tractors & motor cars to start with.

What about broken firmware on 'phones, IoT devices, etc - many of which do not receive updates for very long - if at all.

Will Huawei start shipping boxes with this ?

It would make it harder for the USA to claim that Huawei networking kit is riddled with Chinese Gov't spyware. Especially if Huawei makes it easy for the local network admin to install his own compiled copy of NOS.

Granted the claim could be made that the hardware is spooked, but that is harder.

Next question: will CISCO also support NOS - so we can be free of NSA 'additions' ?

These new TLDs were always a stupid idea

It is an ICANN money making scheme, completely unnecessary.