* Posts by pompurin

145 publicly visible posts • joined 25 Nov 2010

Page:

Snap CISO: I rate software supply chain risk 9.9 out of 10

pompurin

Docker and Containers

It feels like this is made almost impossible with the nature of containers.

I've yet to see a Dockerfile that pins the versions of all the libraries they use. They download the latest available on the repositories. Idempotency is a lie.

Workday sued over its AI job screening tool, candidate claims discrimination

pompurin

Apply for any work with the UK civil service and you can't provide any of the following:

1. Your name

2. Your university/school

3. Your DOB

4. Any other information that may Identify you in other ways

This is so they can box tick HR initiatives, and waste time interviewing people who realistically never stood a chance.

Windows 10 paid downloads end but buyers need not fear ISO-lation

pompurin

Re: Operating system isn’t even relevant anymore

This is such a Millenial/Zoomer take comparable to the likes of Apples 'What's a PC?'

There's a big difference between people who use a machine for work and for pleasure. The people who use a PC for pleasure is mainly the domain of Gaming Enthusiasts. But you also forget the numerous amount of people who use it due to a disability and those who just prefer a fixed PC in their house. The mass PC market of the 90s and 2000s has now moved on to Mobiles and Tablets.

Dedicated PCs for work are still an going market and are not irrelevant.

Google dumps 12,000 employees after project probe

pompurin

Re: "We hired for a different economic reality than the one we face today."

Every single fault in the world can be simplified to: "Our predictions were wrong".

Microsoft tests 'upsells' of its products in Windows 11 sign-out menu

pompurin

> LeBlanc at the time said the inclusion was a mistake, telling El Reg: "This was an experimental banner that was not intended to be published externally and was turned off."

This was not a mistake.

Red Hat defends its CentOS decision, claims Stream version can cover '95% of current user workloads'

pompurin

Re: The RedHat corporate spinners won't fix this

Linux Mint or Debian straight appear to be the best options. I tried installing Net-SNMP on Ubuntu 20.04 and I couldn't understand why it wasn't available with apt. You are forced to install it with snap. Why after all this time force a user onto snap when we've installed it with apt for a decade?

Linux Mint have made it clear on their website that they are against the Snap ecosystem and will exclude it from the builds.

Pretend Python packages prey on poor typing

pompurin

If they're to use non memorable names for packages then I'm not really surprised.

They should be pointing some of these 'mistyped packages' to the correct ones in most cases, like meta packages in ubuntu/debian.

Why on earth are 'bzip, crypt, pwd, telnet and urllib' not reserved or meta packages? At the very least something on the lines of 'you typed telnet, did you mean telnetsrvlib?' based on package popularity.

London Tube tracking trial may make commuting less miserable

pompurin

There's a great video of a guy racing the train between Mansion House and Canon Street on YouTube. He makes it with a few seconds to spare.

Couple fires sueball at Amazon over faulty solar eclipse-viewing goggles

pompurin

Optional

It's like suing The Trafford Centre/Metro Centre/Bluewater for buying something dodgy from an independent shop inside. Obviously if you bought them from a big name shop then there's money to be bled so you would be better off going for them than Amazon. Doubtful in this case.

Brexploitation? Adobe gets creative with price hikes

pompurin

Re: By The Short and Curlies

This is currently how Intellij license their software. When you first buy you have a perpetual fallback license for that version (including minor updates).

Originally they didn't allow this and were the same as Adobe, but with community anger they were pushed towards it.

I think it's fair and reasonable.

London's 'automatic' Tube trains suffered 750 computer failures last year

pompurin

Is anyone else willing to admit they spent 20 minutes browsing this map?

Fascinating.

Celebrated eye hospital Moorfields lets Google eyeball 1 million scans

pompurin

Optional

What is really sad is that out of the 5 leading cases of blindness:

1) Diabetic Retinopathy - A sympton of diabetes which is for the majority of people a result of bad diet.

2) Refractive Error - Can be corrected to a degree by optician but extreme cases exist.

3) Cataracts - Has a very successful success rate with surgery and most patients will have excellent QOL. Though you'll likely lose your reading ability without glasses.

4) Glaucoma - Is somewhat manageable if found early as it's down to high eye pressure.

5) Macular Degeneration - This is the bad one. It depends on whether it is dry or wet (dry is bad, wet is worse), but currently this can only be managed but will typically only get worse over time. It robs you of your central vision (ie your macular).

So out of the five, four of them are mostly manageable with modern medicine or diet changes. The fifth one hopefully will see some scientific breakthrough in the next few decades.

Hack the Pentagon shutters 100 bugs

pompurin

Re: Gary McKinnon

25 years in a super max.

Helium... No. Do you think this is some kind of game? Toshiba intros 8TB desktop drive

pompurin

Re: Charles 9

I'm glad you jumped to the bait because I was about to do the same thing.

Wi-Fi hack disables Mitsubishi Outlander's theft alarm – white hats

pompurin

Why is having it restricted to local Wifi a huge disadvantage?

I can't see why I would want to do any of these remote things unless I was in close proximity anyway.

Actually I think Mitsubishi have it right with the local WiFi hotspot rather than going over a local GSM Network. They just picked a far too weak pre-shared Key. I would be more concerned of a large scale attack on a car manufacturer which then allowed them access to thousands of cars. It also allows the car manufacturer remote access to your car.

Also what use is a GSM based App to an end user if you're anywhere outside a mobile phone signal range?

Did hacktivists really just expose half of Turkey's entire population to ID theft?

pompurin

It was only 18 months ago that the same thing happened to South Korea

http://www.theregister.co.uk/2014/10/14/south_korea_national_identity_system_hacked/

I would have guessed SKs security was better than Turkey, just from a pure personal opinion.

Judging from some of the people I've met I wouldn't put it past the same happening in the UK. We've already had a significant hack with Talk Talk 'outsourcing' their support.

Yesterday, Santander closed down all of their cash machines in Lancashire. You wonder how much of your information is already out there.

Tech biz bosses tell El Reg a Brexit will lead to a UK Techxit

pompurin

Re: Speaking from personal experience

> People also forget the British migrant workers who will be forced back to this country if Britain leaves the EU.

There is absolutely no evidence of that. FUD.

It's 2015 and VMware tools break VMs if you open two browser tabs

pompurin

Re: Hands up

That's what VirtualBox is for. I have three version of vSphere client (5, 5.5 and 6) because I get forced to download an update when I'm trying to manage a lower version of ESXi.

BT blames 'faulty router' for mega outage. Did they try turning it off and on again?

pompurin

Re: 'Faulty Router'

> If it starts announcing gibberish instead of what it is supposed to announce as routing updates - why not.

Thank you for being the sensible one here. I was expecting the standard "BT are shit" comments. I've had bad experiences in former houses but the last two I've lived in Cheshire have had no problems for 6+ years. I'll give BT credit where it's due.

Would you not expect a company of BTs size to have multiple CCIE types on their books, with an incredibly high spec network that is well designed to cope with the network traffic of the UK? Unfortunately all it takes is bit rot somewhere down the line, and you're sending out spurious data. The above poster is spot on.

2015's horror PC market dropped nine per cent

pompurin

Optional

Same here.

I think Windows 7 was peak Windows for me. I don't know what they were thinking with Windows 8 onwards.

Ubuntu 16.04 will be out in April this year and should prove another stable release and a milestone for Linux in general. Xubuntu comes recommended if you're used to Windows, it feels more similar in my book.

Are second-hand MoD IPv4 addresses being used in invoice scams?

pompurin

Re: Hamachi

Which as it happens is the MOD IP range. TIL.

Let's talk about that NSA Diffie-Hellman crack

pompurin

Re: howto

Yes thankfully I use dh2048.pem as well, and it is not kidding when it says this will take a long time. I've waited a good five minutes plus on some machines. Not long in the grand scheme of things.

So how do Google's super-smart security folk protect their data?

pompurin

I've been using a YubiKey and LastPass for the last two years. Each website has a randomnly generated password which I don't know. I only know the master password for LastPass which is sufficiently long enough.

They're a bit of an inconvenience at times, but since phones now come with NFC you can log into LastPass on your phone using 2FA as well. Some websites allow 2FA and some don't. I use it with Gmail b

I know some people will scowl at the use of LastPass, but it has proven effective over time.

Official: North America COMPLETELY OUT of new IPv4 addresses

pompurin

Why couldn't they have used commas or semi-colon instead of the colon?

I don't know about the rest of the world, but having to hold down shift for the colon every single time gets old very quick. I've got used to only needing to press one button for the fullstop in IPv4 addresses.

pompurin

Re: @chris 17

The owner of 150.150.0.0 looks to be the Korean company LG CNS. I never knew LG did IT consultancy until today.

Compromised Cisco routers spotted bimbling about in the wild

pompurin

Mandatory MD5/SHA hash on reboot then, preferably SHA as MD5 is broken. I thought most ultra secure places did these sort of integrity checks.

ICO probes NHS clinic's data blunder that exposed HIV+ status of 800 patients

pompurin

These are always great when they are accidentally started at a large company.

Then the inevitable "Please delete me from this list" messages start.

Then the inevitable "Please stop sending delete me from this list messages" start.

Then the inevitable "Don't you realise that by sending the 'please stop replying to this email' you're making it worse?'.

Ah the fun.

Apple splashes dough to keep Big Cheese safe

pompurin

Re: Learnt a new word

Here was me thinking you'd spelt Prerequisite wrong.

Giant Facebook SOLAR LASER DRONE to FEED interwebs into YOUR FACE

pompurin

It has benefits

I can see these having a use in disaster relief. Most communications tend to be poor after earthquakes or typhoons and this has the potential to provide a life line to more rural areas.

It's easy to have a dig at Zuckerberg on here but this is quite a feat of engineering and it looks likely he will actually deliver it.

Are you a Tory-voting IT contractor? Congrats! Osborne is hiking your taxes

pompurin

Re: Yes, they will emigrate

Apart from the small downside of a completely different language.

A dual-SIM smartphone in your hand beats two in the bush

pompurin

Re: They will send SMS

The THL Chinese phone I had allowed you to switch the 3G between each SIM within about 15 seconds. You could use both SIM cards as 3G, but only one at a time. I think that's a fair compromise that works for most people.

TfL to splash £400m on networking deal, despite GDS opposition

pompurin

Yep, they are responsible for Billions of pounds in investment yet at the same time are responsible for none of it.

Cisco in single SSH key security stuff-up

pompurin

I'll be the Devils Advocate here:

Without the associated private key of the private/public keypair an attacker would not be able to login?

Chuck chucks Cisco's China C-suite

pompurin

Are those real names?

Wim Elfrink, Padmasree Warrior and Edzard Overbeek.

I thought this was a wind up.

Apple announces 'Home' iOS 9 app to run the Internet of Stuff

pompurin

Toaster with Internet

Who's going to put bread in it? I would need a Rube Goldberg type contraption to take the bread from my breadbin and drop it in the toaster.

Solution looking for a market IMO.

Boeing 787 software bug can shut down planes' generators IN FLIGHT

pompurin

Re: Is this the (in)famous

Because I'm such a geek and had to see if this was as easy as I thought:

Signed 32-bit upper limit: 2^31 = 2,147,483,648

Seconds in a day * 100 = 8,640,000

248 days = 2,142,720,000

So looks to me like their counter is 0.01s :)

Gwyneth Paltrow flubs $29 food stamp dare, swallows pride instead

pompurin

Re: eat this

I don't know if it's cheating, but if you have time then you can browse all the supermarkets around reduction time and get some stonking deals.

Last week I got a bag of stir fried vegetables for 1p and some cabbage for 1p. Granted that's rare, but you can get it without much trouble for 20p and pretty much daily for 50p. Each day is different.

Cheap pasta/rice is easy to come buy, but the biggest problem is will power with the sheer boredom of the diet. If you have luxury foods within an arms reach then what's the point in forcing yourself on this diet, to feel good about yourself?

National Grid's new designer pylon is 'too white and boring' – Pylon Appreciation Society

pompurin

"they're a bit white and they're a bit boring."

I thought this was going to be from the BBC or Guardian types. Not enough Black or Minority Ethnic pylons.

‪Obama criticises China's mandatory backdoor tech import rules

pompurin

They want us to use 2ROT13 encryption.

Tinder Plus charges oldies MORE to ogle young hotties' pics

pompurin

Re: u can grind on me

0x32 shades of RAL 7035.

Why IP telephony is about more than just saving money

pompurin

Re: STOP!

"Speak for yourself, we use RT Audio Wideband internally."

As you'll see I stated that IP voice internal to an organisation is far superior in quality. It is when you leave the confines of your own organisation and need to talk to other people the quality will suffer.

pompurin

Re: STOP!

I think you could have mentioned quality as well.

In the Video world we're moving on to 1080p and above.

In the Audio world we're stuck on 64kbps with terrible frequencies. Ever tried to listen to someone readout a postcode and tell the difference between an F and an S? Most people can't.

IP voice internal to an organisation is far superior in quality. External is hit and miss, usually miss.

Facebook security chap finds 10 Superfish sub-species

pompurin

Yep, the whole problem with SSL is it is based on 100% Trust.

I can trust someone 100%, but I don't trust their judgement on other people 100%.

Take a look at any browser certificates and you'll see a whole lot of companies you would never personally trust, you are just taking Firefox/Chrome/IEs word for it. Unsurprisingly this is how the browser makers make some of their income.

Lenovo to customers: We only just found out about this Superfish vuln – remove it NOW

pompurin

Re: Orange Alert!

I've bought two Medion Laptops (made famous by Aldi) direct online and they had an excellent way of recovering. They use a secondary partition like most manufacturers do, but they had a list of driver folders from 01 to 13 in the order you were expected to install. Within ten minutes of a fresh install I had all the drivers installed and solved all of the usual issues I have with Windows like Wifi, Blueetooth, SD Card readers, Laptop hotkeys. Not a bit of bloatware in sight. That's nice.

Show me the money, America! It's time to learn how to pronounce 'Xiaomi'

pompurin

I thought one of the Xiaomi Execs had already said he explains it as:

'Show' from 'Shower'

'Me' from 'Me'.

Or you could go and learn Pinyin, which could take some time.

小 = Xiao = Small

米 = Mi = Rice

Kind of.

easyGroup railroads easytrain.com owner

pompurin

Re: The real question

Megabus run a small offshoot called MegaTrain. I can see EasyTrain fulfilling a similar niche.

The gender imbalance in IT is real, ongoing and ridiculous

pompurin

Re: 50% female bin'people'

You never hear the same complaints about construction and labouring industries. There is easily less than <1% female representation in that workplace. If we're all the same apart from these 'gender constructs' then why are there so few women labourers?

Because we're not the same, and never will be.

Something ate Google's 8.8.8.8 at about eight in Asia's evening

pompurin

Re: Never trust in centralized services

Come on, this is ridiculous. Google, the big internet giant just terminating their DNS servers or going bust? Paranoia.

pompurin

Personally I use a mix of 8.8.8.8 and 208.67.220.220. If both Google and OpenDNS go down then the internet is borked.

I've got a new Linux box, how does it work... WOAH, only asking :-/

pompurin

I've just bought a brand new laptop (Medion online) which came with Windows 8 installed. I tried it for about a week before I gave up even trying and had a dilemma between going back to trusted Windows 7 or for a brand new Linux Mint 17 installation with Cinnamon. I've went with Linux and so far it is turning out well.

It hasn't been all straight forward, I had issues with my wifi drivers as the wifi would randomly drop after about 5 minutes. An upgrade of the Kernel to the latest version managed to resolve this. Apparently my wireless chip is quite new and wasn't well supported in previous kernels.

There have been other strange things, like the difference between exFAT and FAT32 on USB sticksa and how you need extra packages installed to read these on Linux. It didn't take long to sort.

I did have a bit of issue with the video drivers that were installed by default as I was getting serious tearing with youtube videos. I added a ppa repository and updated to the latest nvidia package via that and everything has been stable since.

Chromium is the best browser I've used as there were issues with running a video full screen with firefox as any activity on the second monitor would cause the fullscreen to quit. No such problems with Chromium.

I couldn't get Linux Mint to boot at all with UEFI on this laptop no matter what I tried. I ended up giving up and going back to BIOS as there is really no difference apart from maybe a couple of seconds in speed on bootup. The hibernate/sleep function is unstable. My laptop will almost definitely give a hard freeze (ie alt+f2 won't even work) and I have to do a reset by holding down the power button for 6 seconds. This is unfortunate but I've decided I can live with it for now. I may find a solution in the future. For some reason my brightness up/down settings occasionally stop responding and I have to restart the laptop before I can change them again. Oh yes and if any of you use the CAPS lock key rather than shift for capitalization then you will run into a very frustrating 'feature' than means CAPS lock is not turned off until it is fully released. This ends up with a lot of typing LOoking LIke THis. I can't help having learnt with caps lock as it works fine on Windows but there is no fix for Linux it's just something you have to get used to even though it is a well known problem going back for almost a decade!

Everything else is working, multiple monitors (two on this laptop), printer and scanner from the Brother printer (brother have excellent Linux support), webcam, usb sticks (Apart from exFat issue above), my usb phone tether, wireless mice, sound, videos, wired network.

I think Microsoft have really shot themselves in the foot with Windows 8. I've given Linux a try ever since the Ubuntu 8.04 days but there was always something that forced me back to Windows. This is the first time I think Linux is finally ready for the desktop.

Page: