* Posts by TReko

257 posts • joined 25 Feb 2011

Page:

Google Docs users, you are on notice: Code rewrite may break browser extensions

TReko

One browser to rule them all

and the next step is that Google Docs will only work properly in Chrome.

Google's developing a monopoly Microsoft could only dream of 20 years ago.

Elon Musk hits the brakes on taking Bitcoin for Tesla purchases

TReko

Odd that

one wonders where he thinks the electricity comes from that powers his cars?

Samsung stops providing security updates to the Galaxy S8 at grand old age of four years

TReko
Flame

Re: Imagine my S5 feeling lonely

You can probably replace the battery on your S5.

My S8 is sealed with glue and the battery soldered in. The battery is not designed to be replaced.

Docker Desktop for Apple Silicon is here, but probe a little deeper and you'll find Rosetta 2 staring back

TReko
FAIL

Docker for Windows is still a mess too

It just runs a Linux VM to host Docker and won't work if the PC has VMWare installed.

The wrong guy: Backup outfit Spanning deleted my personal data, claims Cohesity field CTO

TReko

Re: If you cannot touch it do not complain when it evaporates

And you can use tools like SyncDocs to backup your entire Google cloud to local storage on your PC or server.

Feel free to use the cloud, but keep a local copy for safety.

Linux Mint users in hot water for being slow with security updates, running old versions

TReko

A bit rich

Linux Mint does not provide updates to major versions.

For example: Installed 18.x? Then the highest you can go is 18.3. After that you need to clean install to get 19.x or 20.x

Terraria dev cancels Stadia port after Google disabled his email account for three weeks

TReko

Re: Google

Never forget "the cloud" is someone else's computer. If you're using a free-tier service you have zero support from Google.

On a practical level at least backup your email with Thunderbird, your Google Contacts Google Drive with Syncdocs and your phone with Titanium backup.

File format conversion crisis delayed attempt to challenge US presidential election result

TReko

Re: Google Docs?

It's just a delaying tactic. There a many tools like Syncdocs which will automatically convert Word to Google Docs and back.

Well, on the bright side, the SolarWinds Sunburst attack will spur the cybersecurity field to evolve all over again

TReko

solarwinds123

The password to SolarWinds' update server was 'solarwinds123'

If their security is so lax, their software probably has hundred of other exploitable holes.

Cloudflare floats cloud grand unification theory based on zero-trust access and security

TReko

... and in darkness bind them.

Elecrow CrowPi2: Neat way to get your boffins-to-be hooked on Linux from an early age and tinkering in no time

TReko

Looks like fun

maybe I'll get one - it's never too late for a happy childhood

Apple to keep Intel at Arm's length: macOS shifts from x86 to homegrown common CPU arch, will run iOS apps

TReko

Intel has a patent wall

Anything that emulates x86/64 architecture is patented very securely by Intel.

This is one reason Windows 8 never worked well on the ARM chips.

I wonder if Intel patent attorneys are preparing to sue Apple?

Microsoft's little eyes light up as Oscar-winning Taika Waititi says Apple keyboards make him 'want to go back to PCs'

TReko

Re: Best ever keyboard is from ...

Which Microsoft decided to copy with their Microsoft Surface

Crypto AG backdooring rumours were true, say German and Swiss news orgs after explosive docs leaked

TReko

Re: "over a hundred states paid billions of dollars for their state secrets to be stolen"

makes you wonder about other Swiss privacy and encryption companies, like Proton Mail?

In a high-security preview, we got our claws on Samsung's Galaxy S20 and S20+... which are annoyingly good

TReko

Re: Too big

Since Sony abandoned their "compact" range, there are no high-end phones with a sane screen size. These new Samsungs are just too darn big!

I might have to switch back to Apple with their promised iPhone SE 2 with a screen size of 4.7"

Vendor-bender LibreOffice kicks out 6.4: Community project feel, though now with added auto-█████ tool

TReko

Re: Understatement

>Microsoft: bringing you new, exciting features you didn't know you didn't need.

Yep and refusing to fix ten year old bugs in Word.

Perhaps it is easier to add new junk features than to fix old core ones?

Cloud nine to cloud nein: Google beefs up punters' data encryption to fend off cyber-thieves

TReko

Re: This is just google ensuring others never have access to the troves of data it keep on you

You can always use an end-to-end encryption app like SyncDocs, that way only you can see the data.

However, many of the GCP features don't like encrypted data, and Google ain't gonna fix that soon.

Facebook iOS app silently turns on your phone camera. Ah, relax – it's just a bug, lol!?

TReko

WhatsApp too?

But their empire is big.

Try getting by in many parts of the world without their other product, WhatsApp. Who knows what if it also grabs the camera

No DeepNudes please, we're GitHub: Code repo deep-sixed as Discord bans netizens who sought out vile AI app

TReko
Coat

Finally a killer app for Google Glass

running this in real-time on Google Glass goggles will add a whole new meaning to "augmented reality"

DeepNude deep-nuked: AI photo app stripped clothes from women to render them naked. Now, it's stripped from web

TReko

Genie's out of the bottle.

A quick search shows that, even if the developer has stopped distributing their app, it is still available for download in the usual places.

You're not Boeing to believe this, but... Another deadly 737 Max control bug found

TReko

There are serious issues here, this should not be uncovered in a simulator; it should have been found during unit tests.

As someone who has written code for avionics, every possible state and function needs to be called and tested by the code tests. Any code that that wasn't tested cannot be flown. Any state or possible state transition that was not tested is explicitly dis-allowed.

Microsoft: 2TB or not 2... OK, OK! 2TB. OneDrive dragged kicking and screaming into selling more storage

TReko

A Fake Vault

The "vault" feature is just an extra layer of security to access the file. The files are still not end-to-end encrypted. Microsoft can still access your files, should they wish. For real encryption, encrypt at the source using Truecrypt or a automated cloud drive encryptor like SyncDocs.

New Zealand cops cuff alleged jackasses who shared mosque murder video, messages online

TReko

One wonders if the 9/11 video of planes crashing into buildings or the Zapruder cine camera tapes of JFK's assassination would be similarly banned today.

Allowing people to see what actually happened is honest while censoring facts just fuels conspiracies.

Airlines in Asia, Africa ground Boeing 737 Max 8s after second death crash in four-ish months

TReko

Re: Background

That's a great link, thank you

Tech security at Equifax was so diabolical, senators want to pass US laws making its incompetence illegal

TReko

Re: Why would they do anything?

Exactly, the guilty executives left with multi-million dollar bonuses.

It was reported on at the time of the hack, that Susan Mauldin, the woman in charge of the Equifax's data security, has a bachelor's degree and a master of fine arts degree in music composition from the University of Georgia, according to her LinkedIn profile. Mauldin's LinkedIn profile lists no education related to technology or security.

If that wasn't enough, news outlet MarketWatch reported hat Susan Mauldin's LinkedIn page was made private and her last name was replaced with "M", in a move that appears to keep her education background secret.

So ignorance was followed by cover-up, and payouts to the guilty. The 120 million affected people in the hacked files are the victims, but will get zero relief.

Just updated Windows 7? Can't access network shares? It isn't just you

TReko

Re: Who cares?

If you have a 32 bit Windows system, you cannot upgrade it to Windows 64 bit. You need to do a clean install.

This stops a lot of 32 to 64 bit upgrade paths.

Uncle Sam fingers two Chinese men for hacking tech, aerospace, defense biz on behalf of Beijing

TReko
FAIL

MSPs are cheap for a reason

Well, if you outsource your IT needs to the lowest bidder, which is often overseas, you get what you pay for.

Microsoft: Come and play in our Windows SandBox

TReko

Sandboxie

Sandboxie has been around for around a decade, giving you a decent, but non-VM sandbox in Windows.

https://www.sandboxie.com/

German cybersecurity chief: Anyone have any evidence of Huawei naughtiness?

TReko

Re: Maybe banned because there are no back-doors

The UK government actually runs something called the "Huawei Cyber Security Evaluation Centre".

They've looked through all the source code and so far have found no back-doors, only bugs.

You can even read Her Majesty's Government reports on it:

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/525761/huawei_cyber_security_evaluation_centre_oversight_board_2nd_annual_report_2016.pdf

It's December of 2018 and, to hell with it, just patch your stuff

TReko

Spectre and Meltdown

Interesting that there are no specific mentions of Spectre and Meltdown in the wild yet.

Oz telcos' club asks: Why the hell do Australia Post, rando councils, or Taxi Services Commission want comms metadata?

TReko
Big Brother

Re: Scope creep??

The Australian Big Brother is huge, though. Agencies make around 300,000 requests for metadata per year, or 1000 per business day.

This means that they are using it on about 1% of their population.

Microsoft promises a fix for Windows 10 zip file woes. In November

TReko

Re: "file indexing service works brilliantly in 2008R2"

Everything is superb, but it only searches file names. It indexes the MFT (Master File Table) in NTFS. It does not index file contents.

Facebook, Google sued for 'secretly' slurping people's whereabouts – while Feds lap it up

TReko

Re: Good

Thanks for the Blokada link!

Oh no, Xi didn't! Chinese spymaster cuffed in Belgium, yoinked to US on aerospace snoop rap

TReko

Re: Expect more

Indeed. Given the Chinese got the entire personell records of almost everyone who works for the US government through the OPM hack a few years back, they know who to target and what their weaknesses are.

The OPM hack can the potential to be one of the most damaging in history.

PC makers: Intel CPU shortages are here to stay ... for six months

TReko

Silicon bugs not fixed yet

Odd that people aren't delaying chip upgrades until Intel includes a full Spectre/Meltdown fix.

Google Cloud boss promises 'security built into every layer of the system' at UK shindig

TReko

Re: Blah...

...which is why Google still does not support at-rest encryption of the data stored on its cloud. You'll need to add a third-party plugin like Syncdocs https://syncdocs.com to encrypt your files on Google Drive.

How Google plan on restricting access to certain regions is unknown. Will they do it via an IP geolocation database, or via the Google user's self-reported country?

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

TReko
Happy

Fun and games

you left of some juicy details from the Bloomberg article:

"In 2009 the company announced a development partnership with In-Q-Tel Inc., the CIA’s investment arm, a deal that paved the way for Elemental servers to be used in national security missions across the U.S. government.

Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not."

TReko

Superb reporting and analysis, Register!

great technical and legal analysis. The parsing of Apple's and Amazons press statements is an education, too!

Apple forgot to lock Intel Management Engine in laptops, so get patching

TReko

Re: Apple's bug description

Apple doesn't manufacture their own laptops, they are made by sub-contractors in China and Taiwan (Foxconn, Flextronics and Qanta).

Given that Foxconn and Flextronics also make some Dells and HP laptops the problem might be more widespread.

Microsoft: OK, we have no phones, but look how much we love Android

TReko

Re: Re-use; buy; build

SideSync is from Samsung, who have many innovative, but poorly marketed innovations.

If Apple released something like SideSync, they will have a huge announcement, a big conference and many trained PR people and tame journo's regurgitating how it will "change the world".

What do Zuck, Sergey, @Jack and Bezos have in common? They don't want encryption broken

TReko

Its too late

Not disclosing your password in Australia will cost you $60,000 or 5 years jail

A web where the user has complete control of their data? Sounds Solid, Tim Berners-Lee

TReko
Thumb Up

Windows

Indeed, your paid for copy of Windows 10 will spy on you just as intrusively as the free version. Good luck trying to turn it off, too, when every update turns it all back on again and throws in a free 300M version of Candy Crush.

New Zealand border cops warn travelers that without handing over electronic passwords 'You shall not pass!'

TReko
WTF?

Australia has more draconian laws

Aussie customs (called "Border Force") have similar laws. But the fine is bigger and they can detain you until you divulge the password, confiscate the phone and laptop.

If you do unlock it they can copy all the data on the laptop, phone and associated cloud accounts.

You'll never guess what you can do once you steal a laptop, reflash the BIOS, and reboot it

TReko

You gotta be fast

DRAM will also fade out, so you have to act fast, how fast depends on temperature - note the coolant spray used in the video.

Modern Windows apps also should store passwords etc in secure storage provided by the OS, which is encrypted.

Windows 10 also compresses the RAM pages, which I guess was disabled to make this attack easier.

Python joins movement to dump 'offensive' master, slave terms

TReko

As usual, George Carlin said it best:

https://youtu.be/vuEQixrBKCc

It's September 2018, and Windows VMs can pwn their host servers by launching an evil app

TReko
Happy

Re: round up the usual suspects

or a new version of Candy Crush included in the update.

It is always a gamble for us if the update fixes more than it breaks.

Everyone screams patch ASAP – but it takes most organizations a month to update their networks

TReko

Re: Patchy McPatchface

MS just performs minimal testing on their patches these days before releasing them into the wild and seeing what breaks.

Google Project Zero boss: Blockchain won’t solve your security woes – but partying just might

TReko

Re: 'People in the middle snoop'

Snooping is Google's business, they need to know about you to sell targeted ads. More unsettling is their recent move into censoring content. The old "don't be evil motto" is ironic now.

Google's cuddling up to China with clouds in its eyes – reports

TReko

Re: So essentially...

It's important to remember that Google Drive and Docs data is not encrypted at rest, only on the wire via TLS/SSL. You'll need a tool like Syncdocs to encrypt it at rest, although not sure if encryption is legal in China.

Cache of the Titans: Let's take a closer look at Google's own two-factor security keys

TReko

Re: Ah, the tyranny of choice ...

I'm not sure why the Yubikey can't be turned into a smartphone app that communicates to your PC via bluetooth. A "soft" yubikey would add to the market take-up of this technology. In the meantime I use Syncdocs to do full end-to-end encryption of Google Drive, as I don't want to put un-encrypted files on the cloud.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021