Re: One place I workded...
...thousands of numbers with 0 calls where ditched.
And then they tried invoking the DR plan using those "redundant" circuits :-)
51 posts • joined 6 Jun 2007
Teams generally works as well on Linux as on other platforms.
Which means that it's often pretty good - providing you don't have to use more than one Teams account. And know when to ignore the nags to download a client. And reboot when it loses your camera or microphone. Whether on Linux, MacOS or Windows.
As soon as you need to use two accounts (two companies, home and work, etc) you may enter the hell of being partly logged into both. Sometimes using the native application for one account and the browser for another might work. But sometimes the only fix is to delete all the 250 MB (!) of local Teams data and start again. At least that deletion is easy on Linux, no registry stuff to mess with.
Personally I prefer Jitsi, just click on the link of your choice and go. No need for an account or anything. If keen, you can run your own private server. WebRTC is close to a standard and hopefully will kill off the multitude of clients.
From the comments so far, I think the average Register reader must prefer something more complex!
I see this announcement as simplifying the installation, so that anyone capable of installing NOOBS or Buster on a raspberry Pi can now get a full-blown appliance.
One catch not mentioned in the article is that this is for Raspberry Pi 2/3/4, it does NOT work on Pi 0 or 1. Due to the different CPU architecture for Pi 0 and 1, Ubuntu Server does not run on those devices, and the appliances are based on that plus snap images. I suspect too that Pi 0 and 1 might be a bit underpowered, but might try NextCloud Pi on a 0 sometime.
It's certainly convenient to have the auto-updating snap packages so it stays up-to-date. Of course you have to trust Canonical and Nextcloud, but you are doing that already if you run their software.
Re PiHole - Adguard Home has a comparison of features https://github.com/AdguardTeam/AdGuardHome#comparison-pi-hole - I'm sure our lovely commentards will comment on the accuracy of that list.
I have a TalkTalk Sagem router, and found it is a bit confusing. There are two DNS settings, the one to alter is TalkTalk Wifi Hub" -> "Static DNS Server Configuration" which actually sets the DNS addresses sent by DHCP to connected devices. Set those to your preferred provider. Leave the "Internet Connectivity" DNS settings on 184.108.40.206 / 220.127.116.11 so the router itself gets DNS from TalkTalk,while your devices get it from elsewhere.
"Not supported" doesn't mean the device is vulnerable, just as "supported" doesn't mean it is secure. The survey states "57% of IoT devices are vulnerable to medium- or high-severity attacks" which is worrying. However it doesn't distinguish between the vulnerabilities due to poorly configured devices (which can be fixed quite easily) and vulnerabilities that require software update to fix.
I use KeePassXC, which is a native code fork of KeePass / KeePassX, but uses the same database format. That allows "CSV import from other password managers (e.g., LastPass) ".
KeePass v2.0 also states it imports from LastPass. https://keepass.info/help/base/importexport.html.
So have another look!
QuickFile https://www.quickfile.co.uk/home/pricing is free for up to 1000 transaction entries per year.
That includes any bank account transactions you choose to import into the system, but simple use by contractors should use far less than 1000.
It's a full online system for business accounting and invoicing.
The other advantage of a *good* HTML to PDF system is the ability to select multiple web pages, and combine them into a single PDF document, with sections in the correct order.
For example, try to print the NCSC CLoud Security Principles starting from https://www.ncsc.gov.uk/index/topic/151. Similarly try printing appropriate employment and tax pages. The next trick is to make it print double-sided.
I have - once- come across a system which would let you select the desired sections of a larger set of documents, then it would generate a single PDF of them all, in a suitable format for printing.
> isn't this still susceptible to man in the middle attacks?
Not on the quantum channel. Check out "BB84". The key is transmitted with random encoding (i.e. with a second random key), the receiver makes a guess on each bit of the encoding. Some time later, that actual second random encoding is sent via a normal non-quantum channel which does not have to be secret. If the guess was wrong, throw away that bit.
A MITM has no way of knowing that second encoding until it's too late, and so any interception can be detected.
That's assuming the MITM can't spoof the authentication on that second channel.
>> elliptic-curve cryptography is not affected
Don't tell NIST [https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf] as they say ECDSA and ECDH (Elliptic Curve Cryptography) are both "No longer secure".
And don't tell the NSA [https://www.schneier.com/blog/archives/2015/08/nsa_plans_for_a.html] who are recommending against migrating to Elliptic Curve cryptography.
Guess what bitcoin uses to control access to your funds? ECDSA of course. So you can fund that quantum computer from the bitcoins released once you crack everyone's public keys on it.
Those password rules are just copying what people have done before (with a few variations to annoy the victims).
For online systems such rules are a defence against the poor implementation of an authentication server, which allows hackers to steal the entire database. Which just should not be allowed, we've had much stronger technology for years.
What should be required is
a) strong hardware-based protection of the database - think HSMs or single-function appliances in a monitored datacentre that provides no admin or physical access to the database.
b) lockout against brute-force attacks, either 5-stikes and out or exponential backoff.
With those provisions, 4 or 5 digit pins should be adequate for most online functions. Just as is done for credit cards.
On a purely technical basis, little endian representations of numbers are much easier to parse and handle. I'm meaning proper numbers, not the arbitrary computer representations. Take the number 12345675679274658. Quck now, is that one quadrillion, twelve quadrillion, 123 trillion, or what? You are going to have to do a right-to-left scan of the number to find out.
The Arabs had it all sorted out, with little-ended numbers (written right-to-left of course). But when the West appropriated the idea a few centuries ago, they omitted to reflect them to convert between Arabic right-to-left and Western left-to-right writing direction. So we've ended with the current confusion.
Oh well, it could have been worse. We might have been using Roman numerals still, with no zero, if it hadn't been for the Arabs.
Current cabling still costs a small fortune in copper, much of which is unused. Standard 10/100 Ethernet only uses half the conductors in the cable. Desks are over-provisioned with cable just in case future needs increase.
But the cost of making a passive termination socket is not actually much different from adding a few chips and making an active socket instead. That active electronics might be used to report on cable condition and faults (heck, even BT has slightly active master phone sockets with a resistor and capacitor so you can remotely check there's a continuous path to the socket). Or could be used as a mini-router, allowing a few workstations to be connected down a single shared cable.
Jack PCs (http://en.wikipedia.org/wiki/Jack_PC) have been able to add significant intelligence to the socket, so certainly the concept is valid.
So why doesn't someone run with this opportunity?
"The midata vision of consumer empowerment" http://www.bis.gov.uk/news/topstories/2011/Nov/midata
"Midata - access and control your personal data" http://www.bis.gov.uk/policies/consumer-issues/personal-data
Strategy document: http://www.bis.gov.uk/policies/consumer-issues/consumer-empowerment
See http://www.uwgb.edu/compserv/ehelp/office2007/fontchanges.htm for the suggestion to change the font size in Word and Excel. That's close to Arial 12 pt.
Taking an identical sample of text at *screen resolution*, the average colour of Arial 12 was 23.6/255 black, Century Gothic 11 was 22/255 black. So CG11 was 93.2% as dark as Arial12. Readability seemed comparable. If anyone wants to repeat as higher magnification they might get a closer approximation to the print ink savings.
So the plan is to charge the British consumer £5 billion over ten years in order to pay the entertainment industry £1.7 billion?
Either madness or bad statistics. Or maybe both.
(Note the comparison of a yearly figure of costs against a ten-year figure of industry "rewards" to hide the huge discrepancy. And the claimed £500 million sounds about right - the Office for National Statistics lists 18.3 million households, times £25 per year = £475 million. Allow for new subscribers and you get the £500 *per year*.)
Google currently has 21,200 references to the search "windows 7" "installation problems", but only 802 references to "ubuntu 9.10" "installation problems". [And altering the quotes or giving alternative strings also has Win7 outnumbering Ubuntu every time.]
Does this prove Windows 7 is harder to install than Ubuntu 9.10? Probably not, you really need to know the number of people trying to install either system.
But it does strongly suggest that the article is poorly researched and biased.
Quite so. But that's not what Adam did, he made a *copy* and changed the data in the *copy*.
As John Lettice points out at the end of http://www.theregister.co.uk/2009/07/09/id_cards_nir_tory_lib_plans/, the chip is intended to help detect tampering with the information printed on the card.
If you can make good forgeries of the card, then Adam's cloning lets you make the chip data match. But the reported Home Office statement is still factually correct, just not what it appears at first reading.
Anton Chuvakin makes a good point in http://chuvakin.blogspot.com/2009/07/more-on-kindlegate.html :-
"As a result, I suspect that the more stuff like "KindleGate" happens, the more the following perception (whether true or not!) will grow, strengthen and develop:
When you "BUY" digital content, you don't really BUY it - it is not really a PURCHASE.
When you STEAL digital content, you don't really STEAL it - it is not really a CRIME.
Back in 1992, trials of the "112" number led to many false alarms, see http://www.newscientist.com/article/mg13518280.400-cut-lines-led-to-phantom-calls.html.
"111" would be even more susceptible to line faults pulse-dialling the number.
(Badgers, as their setts could break the cables.)
There's a variant when an older work is "updated" - maybe to "correct" old spellings or political incorrectness, and then re-published as a "new" work. Certainly happens with old hymns - just compare the words you used to remember with the latest text.
Now would that apply if the republished work had deliberate misprints to try to create a new copyright version?
If there really is a tax or other protection on copyrighted work, it would seem reasonable to apply this to all copyrighted works. Working out how to divvy up the spoils could be "interesting". Surely that 700 MB download of Ubuntu must be worth at least 175 times that 4 MB MP3?
Try googling for "filetype:docx" (15,400 pages) and "filetype:odt" (45,000 pages).
Similarly "filetype:xlsx" gives 3340 pages and "filetype:ods" gives 9670 pages.
So ODF has about three times as many documents and spreadsheets as OOXML at present. Both are dwarfed by .doc (21,900,000 pages) and .xls (4,420,000 pages). As for the macro-enabled OOXML .docm and .xlsm there are less than 600 together.
Network Solutions *doesn't* protect the customer that was interested in the name. Anyone else can buy the domain name, but only from Network Solutions. So the only beneficiary is themselves.
They also put an "under construction" site on the domain. Great if you want to start a rumour - see http://microsoft-ubuntu.com for example. (And if you want to buy that, be Network Solution's guest.)
...came from the Jeff Jones report comparing the number of vulnerabilities found during the first 6 months of each product's life. See page 10 of http://www.csoonline.com/pdf/6_Month_Vista_Vuln_Report.pdf as mentioned on http://blogs.technet.com/security/archive/2007/06/30/windows-vista-6-month-vulnerability-study.aspx
Jeff doesn't actually say that Vista is more secure, but does say "Windows Vista has an improved security vulnerability profile over its predecessor and a significantly better profile relative to comparable modern competitive operating systems."
Any flames have probably been said already in the Slashdot articles linked by Jeff.
Biting the hand that feeds IT © 1998–2021