* Posts by Pierson

22 posts • joined 24 Sep 2010

UK's super-cyber-snoop shopping list: Internet data, bulk spying, covert equipment tapping


This will become a game of whack-a-mole..

I wonder what they'll log when J Bloggs accesses a site via SSL/TLS, because if it's a server hosting multiple sites, then all they'll get is the IP address - they won't even know if the underlying session was HTTP, or something more esoteric, aside from the port used.

Also, will running a webserver on a non-standard port be logged, or will they miss it?

Moronic Time cover sets back virtual reality another 12 months


Solution in search of a problem

VR is the archetypical solution in search of a problem.

It was the Next Big Thing twenty five years ago when I was an undergraduate, several years before Luckey was born. It appears not to have moved on significantly since then, modulo cheaper/easier technology.

GOOGLE GMAIL ATE MY LINUX: Gobbled email enrages Torvalds


Re: Needs And Wants.

"Google is everywhere, all the time! Google sees all, reads all, knows all!"

Remember, Mundanes: "Google is Mother, Google is Father!"

Man hauled before beak for using drone to film Premiership matches


Re: Ban them.

"I was just wondering what Mr. Lawrence would consider as valid pastimes for adults that offers value for money"

As Ivor Biggun once famously sang: "It's available at any time, and it's absolutely free!"

Google begins to roll out Lollipop to Nexus devices


Re: We'll never get longer lasting batteries...

"Maybe they'll add perpetual motion chargers to phones and require you to shake them to keep the screen on..."

I now have this image in my mind of the air in Starbucks filled with ballistic 'Droids and iThings, as their owners inadvertently lose their grip during the cyber-fapfest recharging ritual.

Somewhat like the riverboat Derringer shootout in the Simpsons' Huckleberry Finn parody, only more lethal.

Crypto collision used to hijack Windows Update goes mainstream


Need multiple checks, always

For applications such as verifying updates, etc, good practice should include secondary checks to make attacks against weak hashes harder.

In this instance the following would all have helped: verify data size as well as checksum (not always feasible); use more than one checksum, e.g. compute checksum for the data and also for the data plus a salt; use more than one checksum algorithm.

All of the above should significantly increase the workload for a potential attacker, hopefully making the attack unfeasible.

Oh, and of course, drop old and weak algorithms like a hot potato...
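An added example (not part of the post above, and not code from any vendor's updater): a Python verifier that applies the layered checks the post lists, namely size, two unrelated digest algorithms, a salted digest, and refusal of weak algorithms. The manifest layout and the names `build_manifest` and `verify_update` are hypothetical, and the manifest is assumed to reach the client over an authenticated channel.

```python
import hashlib
import hmac

# Algorithms this verifier accepts; md5 and sha1 are deliberately absent.
ALLOWED = ("sha256", "sha3_256", "sha512", "blake2b")

def build_manifest(data: bytes, salt: bytes) -> dict:
    """Publisher side (hypothetical layout): size, two digests, one salted digest."""
    return {
        "size": len(data),
        "salt": salt.hex(),
        "digests": {
            "sha256": hashlib.sha256(data).hexdigest(),
            "sha3_256": hashlib.sha3_256(data).hexdigest(),
        },
        "salted_sha256": hashlib.sha256(salt + data).hexdigest(),
    }

def verify_update(data: bytes, manifest: dict) -> list:
    """Client side: return the names of failed checks (empty list means accept)."""
    failed = []
    if len(data) != manifest["size"]:
        failed.append("size")
    digests = manifest["digests"]
    # Policy: at least two digests, none from a weak or unknown algorithm.
    if len(digests) < 2 or any(name not in ALLOWED for name in digests):
        failed.append("policy")
    for name, expected in digests.items():
        if name in ALLOWED:
            actual = hashlib.new(name, data).hexdigest()
            if not hmac.compare_digest(actual, expected):
                failed.append(name)
    salt = bytes.fromhex(manifest["salt"])
    salted = hashlib.sha256(salt + data).hexdigest()
    if not hmac.compare_digest(salted, manifest["salted_sha256"]):
        failed.append("salted_sha256")
    return failed

# Constructed sample data, not taken from the article or the post.
GOOD = b"constructed update payload\n" * 32
MANIFEST = build_manifest(GOOD, salt=b"constructed-salt")
TAMPERED = GOOD[:-1] + b"X"                      # same size, different content
WEAK = dict(MANIFEST, digests={"md5": "0" * 32})  # manifest offering only a weak hash

if __name__ == "__main__":
    for label, blob, man in (("good", GOOD, MANIFEST), ("tampered", TAMPERED, MANIFEST),
                             ("padded", GOOD + b"pad", MANIFEST), ("weak", GOOD, WEAK)):
        print(label, verify_update(blob, man))
```
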

Tor exit node mashes malware into downloads


Same vulnerability both on and off TOR

Of course, if your downloads are vulnerable to MITM over TOR, then they're equally vulnerable to it over 'regular' Internet, too.

The main difference is that on TOR, there is a somewhat higher chance that someone is attempting to actually attack your traffic at any given time.

Israel develops wireless-malware-injection-by-smartmobe tool


EMI on a LAN connection?

The linked article in the Times of Israel is so vague as to be nonsensical, and references the installation of malware on both the phone and the target computer, which then cooperate to form a covert channel over the air-gap - so far so conventional.

The article then suggests that the malware on the PC jumps the air gap during installation by some kind of EMI magic, also, but is painfully vague on the mechanism used.

One possibility, if the phone malware can access the baseband features of the phone's radio, is the injection of packets onto a wired LAN by inducing a current in the network cable - Phone radios can certainly operate in the high MHz / low GHz bands required, are quite powerful within the 6m range stipulated, and are well known as sources of induced EMI.

Whether this is feasible is extremely debatable, but, it approximately fits the hand-waving in the original article.

AOL confirms security breach from spam attack


Be where of thee spell chequers

"In the meantime, AOL is advising users to be weary of suspicious or unknown email messages."

Weary? I'm bloody exhausted!

Tech giants KNEW about PRISM, web snooping, claims top NSA lawyer



ISTR a series of odd and unexplained sudden outages on various large Internet companies at around the time Snowden leaked PRISM etc - Google, Apple, Microsoft and others all dropped off of the Internet for hours or days at a time, one after another.

No credible explanations were given by the companies, and speculation was rife that they and/or the NSA were hastily removing black boxes and mirrored ports before their complicity was exposed.

Facebook Frankenphoto morgue will store your cold, dead selfies FOREVER



Please, pass the brain bleach - I speed-read the headline on RSS as 'cold dead stiffies'...

Headmaster calls cops, tries to dash pupil's uni dreams - over a BLOG


At least the lad seems to be able to write reasonably well

"Michael Gove and the previous mindless c**ts that have held the role of education secretary have made comprehensive state schools into factories for young people. We are not educated, we are inculcated and cultivated to be a society of vacuous consumers. With tuition loans being a thirty-year education tax, we are slaves to the dime."

I just wish that some of the alleged graduates who periodically inflict their (unsolicited) CVs on my business had this sixth-former's ability to express himself cogently - some of them might then have half a chance of being considered for employment.

Twitter just got sh**tier: Natter emitter hit by code critter, fritters web glitter


Up .... down ... up ... down ...

As of 2210, the whole of twitter.com appears down: just getting a blue banner page with "Something is technically wrong. Thanks for noticing - we're going to fix it up and have things back to normal soon."

"Technically wrong" my hairy arse - something's literally wrong! And, I LOVE the chutzpah they show, thanking the user for "noticing" their error screen. Do Twitter employ Mel Brooks to write their error pages?

Oh, and while I was writing this, it appears to have come back on line again - I expect it was due to Nargles.

Snowden journo's boyfriend 'had crypto key for thumb-drive files written down' - cops


No one can be that incompetent, surely?

I'd love to believe that this is just HMG trying to do a snowjob(*) on Miranda, Rusbridger et al, or that the journos are working a sophisticated sting against the spooks; but, to be honest, it really does seem that the Graun and its fellow travellers are a bunch of incompetent innocents who aren't fit to be allowed near an abacus, let alone a sensitive computer system.

These documents would probably have been a lot more secure if Rusbridger and his crew had simply communicated with each other, carefully, via PGP/GPG encrypted emails.

It reminds me of that sniffy comment by Gandalf in LOTR about his exaggerated fear of Sauron vs. his overoptimistic faith in the Innkeeper Butterbur...

(*) well, they are anyway, but I simply can't stack up the comments by the Graun, Miranda and others and still assume that they are in any way competent.

Powerful, wallet-sized Raspberry Pi computer sells out in SECONDS


Re: Re: Small cheap computers

"I hope XBMC etc gets ported to one."

It already has been - someone was running a demo a few weeks ago on one of the prototype models.

There's a link to it somewhere on the Raspberry Pi website (if they've restored the full version after this morning, yet.)

Space: 1999 returning to TV?


Re: Remaking Blakes 7 (modulo apostrophe)

"Hell all they need is the CGI and some decent actors since the scripts were so bloody good in the first place."

Do you think that some Peter Jackson type, in possession of a bevy of allegedly better actors and a heap of shekels, could ever resist the temptation to, ahem, improve those same 'bloody good scripts'?

Sets that wobble and billow as the actors walk past and props that Blue Peter were able to reproduce more realistically with detergent bottles and sticky-backed plastic really are not all that much of a problem on top of good, innovative scripts.


Compare the current well-meaning and angst-ridden mess that is Dr Who with its heyday in the 60s and 70s.



Known Space... Yes yes yes!

An upvote is not enough to express my agreement with that suggestion.

Niven is the author of some of the best sci-fi ever written, IM not so HO.

It would, however, need a very good director, given the quantity of asides and introspection in some of the works - try getting the narrative from Protector, for example, into a TV/Movie friendly format without losing the subtlety of the Pak's worldview and without turning the Pak into Hollywood Terminator-style psychos.

Some of the collaborative Kzinti Wars stories would be eminently filmable as long as the director could resist the temptation to portray the Kzin as Simba-in-a-Spacesuit, as some of the less able cover artists of the volumes on my bookshelves have regrettably done.

Oh, and I'll see your Larry Niven and raise you an Alfred Bester - The Stars My Destination would be a fun movie for those raised on sci-fi that relies more on thought than on CGI pyros.

There's a lot of written sci-fi out there, especially from the mid 20th century, that Hollywood and TV have overlooked and which could usefully be examined instead of the current vogue for weakly re-making others' works of twenty or thirty years past.

But then again, as a friend of mine was given to observing, the pictures are always better on the radio, not to mention the printed word.


Dr Russell was overrated

> Did you watch a version with Barbara Bain edited out?

Can I cast a vote for Sandra Benes, played by Zienia Merton (*).

(*) Thank you wikipedia!

Hack attack kills thousands of Aussie websites


Store your own backups...


So, how many of these websites (especially the commercial ones) keep their primary copy of their data on the customer's local servers, where it is also fully backed up, including off-line copies?

Then this copy is used to regularly synchronise the online servers at the ISP, so that the ISP provided machines and accounts were merely an easily replaced conduit for traffic.

Now, hands up everyone who simply relies on their ISP, however cheapo, reliably hosting their data for ever and a day with no loss whatsoever...

Chicken Little report: Sat-nav dependency spells DISASTER!



Most of those suggesting that people learn to use maps for navigation do not have high precision dead reckoning on the top of a mountain in adverse conditions in mind.

They are suggesting, for example, that people in cars learn to read a combination of road signs and an AA atlas, rather than blindly following the silky voice telling them to turn left into the next available swamp.

Your points are well made, but largely irrelevant to the bulk of the situations in which people will find themselves. The post to which you were replying, for instance, referred to people on their Blackberrys in an urban setting, not half-way up Snowdon on a foggy November night.

As an experienced Mountain Rescue volunteer, the reference to walking into lamp posts might have alerted you to the intent of the original poster - the damn things are pretty thin on the ground up most non-Narnian mountains that I'm familiar with.

You are confusing a requirement for expert, specialist knowledge of a subject with a call for more people to take the trouble to acquire some basic skills that will be of use to them in many circumstances other than the demanding situations in which you have chosen to work.

Google ends 'do be evil, if you want a top ranking' policy


re: You're kidding me right?

"What do you call it when your name reflects what you do?"

Nominative Determinism, according to the Feedback column in New Scientist.

School caretaker jailed for fitting up colleague


Twelve Years...

One reason he got twelve years, more than e.g. a typical rapist, is the nature of his crime.

This guy tried to run a cart and horses through the legal system, attempting to subvert it to his own ends.

So, the court has given him a sentence that reflects at least what his intended victim would have got, had the plot succeeded (and it very nearly did), plus a few extra years to make it quite clear that his behaviour is totally unacceptable - with the current asinine vigilante mentality in this country, he's lucky that his victim didn't end up dead or seriously injured at the hands of some belming knuckle draggers from the local sink estate.

And yes, the SOR *is* appropriate for him, given the nature of his crime and the materials he used in its commission.

