* Posts by DF118

596 publicly visible posts • joined 2 Mar 2011


Phishing operation hits NHS email accounts to harvest Microsoft credentials


Re: Too little, too late.

Amazing she could do that even before the wonderful £350 million brexit dividend that was going to fund it.



Last year, the NHS migrated its email service from an on-premises system to Microsoft Exchange Online, which "could have been a factor in the attack," Kay noted.

That's factually incorrect.

Apart from anything else, in UK terms there is no such thing as "The NHS", so to say that "The NHS" does anything as a monolithic unit is wrong straight out of the trap.

Each NHS trust (or territorial/special health board in NHS Scotland) is responsible for its own email provision.

For more than a decade many NHS organisations UK-wide chose to join consortia whereby email provision is done externally by companies such as Accenture (i.e. NHSMail2, which runs on Exchange). This practice has not been universal, but is very widespread and, as a system, NHSMail has been in place in some form or another for well over a decade.

In truth, very few NHS orgs have been purely on-prem for their email for many years now. Even those which maintain on-prem provision also made use of externally provided systems such as NHSMail.

NHS Scotland organizations have, since around autumn 2020, been migrating to M365/EXO from whatever they were using before (mostly NHSMail2). This is part of an overarching contract the Scottish Government has with Microsoft, which also covers other national public sector orgs in Scotland beyond NHSS. I'm not sure if something similar is happening in England & Wales, but if it is then it'd perhaps explain the first part of the statement above.

Apple geniuses in Atlanta beat New York to the punch, file petition to unionize



Interesting to note the contorted amelioratory tone in the CWA quotes in this report.

Wonder if it's through choice, or a tacit acknowledgement of the enormous power imbalance that exists.

Rivals aren't convinced by Microsoft's one-click default browser change



On my work-issued laptop (which, being an IT device is in the pilot ring for patching) Windows Update resets my default apps almost daily. It's insane. How anyone who isn't stubborn is supposed to keep up with that level of persistent malware-like behaviour is beyond me.

I say "malware-like" because it even resets my default mail app from Outlook back to Windows Mail, which suggests more than a modicum of shitbrained incompetence as opposed to outright malicious intent.

Feds slay dark-web souk Hydra: Servers and $25m in crypto-coins seized


Re: Here's an idea

Agreed, although I was talking about using, not pushing. Plus having psychoactives being almost entirely a law and order issue just hands the entire field of play to pushers and criminals. And heavily costs all of society in so many ways.


Re: Here's an idea

Hence my point about why it should be a public health issue not a law and order issue.


Re: Here's an idea

where do you think druggies get their money from?

it's usually someone else's house. god damn student stoner nonsense comment.

And do you think that fact might just perhaps be related to criminalisation?

FFS think


Here's an idea

Stop trying to police what people do with their own bodies. Make psychoactive drugs a public health issue rather than a law enforcement issue. Once we do that, the remaining reason for DNMs to exist will only be for actual nefarious purposes. Then go after them full tilt.

Amazon warehouse workers in New York unionize in historic win against web giant


"we believe having a direct relationship with the company is best for our employees"


UK suit over reselling surplus Microsoft licenses rolls on


Re: Imagine if the boot was on the other foot

That's not quite what happened. e360 appealed the minimal ($27k) damage award from the original trial, presumably through greed, then snatched defeat from the jaws of victory when the appeal court basically lost its patience with their carry on and revised damages down to $3.

We have some sad news about Facebook. It has returned to the internet after six-hour mega outage


Re: All their tools were down as well...

Many moons ago, in this parish, the original "could of" offender came back at me with some haughty supercilious nonsense about it being "a colloquialism".

A later reply summed it up perfectly: "I do so love it when the comments thread on a Reg article turns into a grammatical pissing contest"



Re: I love the Register

> What does that tell you?

That you enjoy a humblebrag?

Fool me OnePlus, shame on me: Chinese phone firm fingered for fiddling with performance figures – again


Re: Bugger, shattering my bubble...

Same. Work Samsung A40 is infuriatingly slow, plus the Samsung bloatware, unwanted apps and OS overlay are all, frankly, horrible.

Personally idc if OnePlus have been fiddling the numbers, although with the prices they're at now I'll almost certainly never buy one new again. Luckily I just picked a mint 8 Pro for £250 and if that lasts me as long as my 3 did (still going strong when it got nicked) then I'll be happy.

The only thing the Sammy has going for it over both my OnePlus handsets is its size. If OnePlus made a smaller handset I'd go for that in a heartbeat. The big screen is nice for browsing and PDF manuals but the ability to have it in a pocket and not feel like I'm going to snap it in two every time I have to shoehorn myself in under some desk or the back of an equipment rack would be nicer.

Ireland unfriends Facebook: Oh Zucky Boy, the pipes, the pipes are closing…from glen to US, and through the EU-side


Re: Wouldn’t it be better if the US adopted GDPR?

I do love it when foam-mouthed Brexiters throw up that "EU armed forces" bollocks.

Even if it did happen I'd have welcomed it. Not because it'd be any less infested with corrupt, venal arms dealers than the UK has now, but because it'd at least give our home grown shysters, tax vampires, pocket-dwelling politicians and regime-enablers a good hard poke right up the jacksie.

Um, almost the entire Scots Wikipedia was written by someone with no idea of the language – 10,000s of articles


Re: Enough

> you want to include your local dialect as a language?

Yyyyyeah, great logic, except Scots is a language. If your rule for determining whether or not a language is worthy of the name boils down to whether or not it looks and sounds a lot like another one, then half the languages in existence right now would fail that naive "test". Don't be so reactionary. What's it to you anyway? Do you begrudge any other language its right to exist, and if not then perhaps ask yourself why single out Scots?

Splunk sales ace wins sex discrimination case after new boss handed her key accounts to blokes deemed 'flight risks'


Re: Sex discrimination or just bad management?

Right enough, if I'd come out with that level of sub-literate illogical drivel I'd have ticked 'post anonymously' too.

Boffins baffled by planet nugget whizzing round white dwarf that should have killed it


Re: Core

Heh - that's some seriously dense gas.

Neptune, Uranus and Saturn are all thought to have solid cores, so not an implausible concept.

Game of Thrones author's space horror Nightflyers hitting telly


Re: I was interested

Alastair Reynolds adaptations when?

This x9000, plus Iain M Banks and Peter F Hamilton.

Was at a reading with Banks and Hamilton around the time The Hydrogen Sonata and Great North Road had just been released. During the Q&A, Banks in particular was very hopeful about adaptation doors having been opened by GoT.

I would absolutely *love* to see a talented production team take on the challenge of portraying Hamilton's Prime aliens from Pandora's Star.


Re: Dark Matter cancelled

science fiction TV history is littered with good stuff (or stuff that showed a lot of potential) that didn't last

Amen to that. 'The 4400' and 'Being Human' are the two that spring immediately to mind whose cancellation saddened me. It's almost not worth mentioning Firefly which is practically a byword for the whole phenomenon.

Better filters won't cure this: YouTube's kids nightmare


Presumably you're one of those "guns don't kill people" people.

New phishing campaign uses 30-year-old Microsoft mess as bait


Re: Stupid MS Techs

"Macros and VBA in Office documents are a different class of problem."

Seen some really rather cleverly obfuscated VBA code which spunked a small executable binary to disk byte by byte. Allowed to run on an air-gapped machine, the resultant exe created a small and very tenacious startup entry intended to grab and execute the real payload.

Let's dig into how open source could KO the Silicon Valley chat silos


Re: Quick - call a sociologist

"Interesting, considering for me the killer feature (on other channels like SMS or email) is absolutely nobody being able to tell whether I saw a message or not - disabling "message was opened" replies even if requested is the first thing I do in any email client. Plausible deniability, people. YES, I INSIST."

As always, Mr. Munroe has a strip for that...


Dark web souk AlphaBay shuts for good after police raids


Bloody americans, coming over here with their weird shaped pills. Whatever happened to good old proper British round ones? Eh?

WannaCrypt outbreak contained as hunt for masterminds kicks in


Re: 5% of 1000 000 is 50 000 desktops.

So just exactly why is getting a health app to run on a current OS so f**king difficult?

There are other reasons, but in my org the main reason is managed software providers being dicks, and bamboozling the beancounters and execs into forcing IT to "just do what you need to do to make it work".

The IT managers are, as usual, little more than willing messengers.

Take a bow, Atos.

BBC detector vans are back to spy on your home Wi-Fi – if you can believe it


Re: Hardwired connection

Someone didn't read to the end of the article!


"Which you should, by the way"

...only if you actually watch it, by the way.

Last panel in place, China ready to boot up giant telescope


Re: "put away the hex key"

Hex key?

Round our house we call them Alien keys, after the old dear spotted a typo in the assembly instructions for some piece of MFI tat in the mid-1980's. Seems apt.

Firefox 48 beta brings 'largest change ever' thanks to 'Electrolysis'


Re: No mention of...

And yet the only time I've ever suffered a drive-by download and malware infection via JavaScript I was using Chrome.

Just because someone does a thing doesn't mean they're doing it properly.

Scots denied Saltire emoji


Re: @ Khaptain our national animal, the unicorn

From https://en.wikipedia.org/wiki/The_Lion_and_the_Unicorn:

"The Lion and the Unicorn are symbols of the United Kingdom. They are, properly speaking, heraldic supporters appearing in the full Royal coat of arms of the United Kingdom. The lion stands for England and the unicorn for Scotland."

Also worth noting that the unicorn is chained. I'm no student of heraldry, but I think the statement intended there is fairly clear!


Re: Right this wrong!

Or, fer cryin' out loud, lighten up!


Catalonia is probably a better comparison for Scotland

Debatable. UK is a union of unitary nations, of which Scotland is one. Catalonia is a technically "autonomous" region of a long-unified Spain. Both have significant independence movements, but politically and legally their situations differ enough that I don't think Catalonia is any better* an example than Martinique.

* Or worse, for that matter.


Re: "sadly no deep-fried Mars bar"

:D There's hope for you yet!


@ Khaptain Re: our national animal, the unicorn

as a Scotsman this is the first I have heard of us having a "unicorn" as our national beastie

Look on your passport.

Technically it's Scotland's heraldic animal, not the "national" animal, but since we don't really have one of the latter (if you discount the odd wild haggis sighting in cartoons) I think folk have settled on the unicorn. I think it's a brilliant idea.

Also Blade Runner.


"sadly no deep-fried Mars bar"

You nearly managed it. A whole article with Scotland in the headline, without mentioning deep fried mars bars, haggis, irn bru or buckfast. Here, have a compensatory bridie.

Facebook to kill native chat, bring opt-in crypto to Messenger


Article short on details

Will this include desktop use? My partner has been getting the Play Store autodivert when attempting to use messaging on the mobile site for a couple of days now, but it seems messaging on the desktop site is unaffected (so far at least). I tried to advise her against installing FB bloatware but as with most people she has taken the path of least resistance.

Of course the article may be short on details because FB itself is keeping characteristically mute. A quick Google search tells me they've tried to force mass migration to their Messenger client at least once before, and people didn't like it then either.

Winston Churchill glowers from Blighty's plastic fiver


Re: "the UK's first plastic banknote"

I see your point, but unequivocal statements like "the UK's first..." are either true or they're false, so I can't in good geek conscience agree that an argument could be made either way. Nor would I admit to splitting hairs, because the article doesn't say the Clydesdale notes aren't in general circulation (clearly they are - I've bought beer with them ;o) only that the BofE ones would be in future.


Switch survives three hours of beer spray, fails after twelve



Oswald's a Brit, so when he says “football” he means soccer.

No, he means football.

Mud sticks: Microsoft, Windows 10 and reputational damage


@Alumoi Re: It's the data harvesting

If you're not paying for a product you're not a customer, just another product. Did you pay for Windows 10? Nope. You paid for Windows 7/8.

Presumably those paying for new machines with OEM pre-install, or buying the retail version for their own build are somehow magically excluded from your spurious logic?

A snip at £116.99.

Building a fanless PC is now realistic. But it still ain't cheap


Re: Been there, done that.

if the fans are speed managed, it can easily become annoyingly distracting

Most temperature controlled fan headers are so badly implemented and aimed at performance over silence, with little or no hysterisis built in to the controlling logic. The only retail board I ever saw do fan control well was Abit's IP35 Pro. It was outstandingly good. Then they pulled out of the motherboard market.


Anything that requires more than a tiny amount of power should never be fanless. Not because of the heat, but because there is no such thing as a silent coil. Been there and done it umpteen times. A powerful system with a single slow-running fan (lovely broadband noise) beats a fanless system of the same power every damn time.

You've seen things people wouldn't believe – so tell us your programming horrors


Haven't seen much of other people's code...

...but what I have seen makes me feel (a lot) less embarrassed about my own.

Worst was some consultant who'd taken what should've been a simple string padding operation in VBA to get a valid 8-character payroll number and turned it into a multi-line conditional...

If Len(strPayNo) = 1 Then

strPayNo = "E000000" & strPayNo

ElseIf Len(strPayNo) = 2 Then

strPayNo = "E00000" & strPayNo

ElseIf Len(strPayNo) = 3 Then

strPayNo = "E0000" & strPayNo

ElseIf Len(strPayNo) = 4 Then

strPayNo = "E000" & strPayNo

ElseIf Len(strPayNo) = 5 Then

strPayNo = "E00" & strPayNo

ElseIf Len(strPayNo) = 6 Then

strPayNo = "E0" & strPayNo

ElseIf Len(strPayNo) = 7 Then

strPayNo = "E" & strPayNo

End If

Not only had he done this, but he had replicated it EVERYWHERE. That code block appeared something like 140 times. At first I thought he'd cut and pasted it, but then one of the users told me the guy had been charging £1k+ per day for his services (working on site) and I got the sinking certainty that he had just sat there for days on end and typed every single line out by hand.

This was a public sector (NHS) organisation he'd fleeced, and it was just a one-man project for a few weeks. I shudder to think what else is out there in public sector land.

How El Reg predicted Google's sweetheart tax deal ... in 2013


Tax avoidance is legal, tax evasion is not.

If I had a pound for every time I read that phrase in the comments to a piece on corporation tax, I'd have a hell of a lot of evading avoiding to do.


Apart from his central premise characterising tax campaigns as being entirely made up of virtue signallers who will let Osborne and Google away with "an easy win". Yeah, apart from that, it's excellent.

Firefox-on-Windows users, rejoice: Game of Thrones now in HTML5


Re: ...of the dumbest ideas from dumbville

DRM on Streaming? Well, a decent HD camera and 42" HD monitor defeats it.

And what you get is a crap copy with saturated colours, bloom and excessive motion blur, assuming you don't get crazy flicker. Far better (not to mention cheaper and less hassle) capturing video directly from a VM.

Top Android app devs found exfiltrating mystery stealth packets


Re: @Chris 125

No argument with any of that; I'm just making the observation. Plus, given the choice between:

A) Being unable to use an app because it refuses to work with a given set of restricted permissions, then seeking to spend time "reviewing" the app to gripe about said refusal to operate.

B) Finding something else


C) Simply granting the permissions.

...I highly doubt even a small minority of people would choose option A.

Like I say, I'm with you on what apps should and shouldn't be asking for/getting, however the trouble is the (apparent) quid pro quo of having some new shiny game/app/whatever is seemingly enough for them to just hand over control. Devs know this and exploit it, and until more people start to care about their privacy, that state of affairs ain't going to change.

I seem to remember reading also that part of the Google good-developer-guide-thing (probably not an official name) states that you have to intelligently handle lack of permissions come Android 6, not just bomb out totally.

"We're sorry, but you agreed to the EULA, which states this software requires the following permissions, which you have not granted. Please grant the permissions listed in order to continue."

To you and me, that's definitely bombing out, but at the same time it's a perfectly intelligent way to handle it. And more to the point, nobody can force your user to grant permissions, just like nobody can force you to provide a function/service without getting what you want in return for it.


@Chris 125

Which is why the move to more granular permission with Android 6.0 is welcome

It's a great idea, but I fear the practice will simply become that any app, when so denied any given permission, will either refuse to operate, or operate in some kind of useless limp mode, until the permission is granted/restored.

Seems unlikely that Google would have any reason to force app devs to give up their user data addiction, especially when it comes to behemoths like Faceache.

This can already be seen happening with Facebook platform apps. FB now permits users some granularity of choice on permission requests, however when you deny one or more requested permissions many apps in return refuse to operate.

Firefox 42 ... answer to the ultimate question of life, security bugs and fully private browsing?


See, out IT dept...

...loves jumping on stories like this as "evidence" that open source is inherently less secure, because open source.

This logic seemingly only applies to desktop browsers though. Smart phone and server OS's are apparently immune.