* Posts by securityfiend

12 posts • joined 12 Jun 2011

Google broke its own cloud by doing two updates at once


Re: re: I have plenty of horror stories which I cannot share here.

LOL. Sometimes I wish they were made up...

School network manager wins £10,000 in NCC Group Cyber 10K challenge


Secunia PSI / CSI, Ninite.


Re: ...

Secunia CSI, PSI...?

Are your landlines buried in the stone age?


Where is the archaeology angle...?


Revealed: The Brit-built GRAVITY-powered light that costs $5


Why use a bag of soil when it could be a seat...?

Virtual sanity: How to get a grip on your home PCs

Thumb Up


This is possible on Windows using DCOM. My team leader (a true BOFH) would run Excel on *my* pc while having the GUI on his PC...

This was in the mid-late 1990's on Win95...

He wrote an internal RAT / admin tool for the PC's that simplified our work no-end...

What you can do to enforce endpoint security


One other thing...

License compliance...? Detecting and reporting on all those unlicensed applications on your network...?



Where is the discussion on protecting data at rest...?

AKA Full Disk Encryption.

For many organisations this is critical - even on desktop machines.

Rooting Kindle Fire bricks videos

Big Brother

It has become the norm since the manufacturers have worked out:

"if a man* buys my device, I eat for a day. If I let him enter my walled garden, I earn an obscene executive bonus."

* Insert gender of choice

Icon because, well. They know what you read, watch, who you call, your taste in music, track your movements, who you are having an affair with, when you break the speed limit....

Maybe a tinfoil icon would be better...?

Got a few minutes to help LOHAN suck?


Charles Henry Boyle


As pressure drops, temperature falls too. The chamber will be cold enough for the experiment due to this effect. Conduction to the sides of the vessel will be significant but not by much. Convection to the glass plate may be significant until the low pressure puts an end to that.

Careful about letting the glass plate get frosted up. I want HD quality video (slomo of course) of the

ignition and H2O crystals are going to get in the way of my viewing pleasure...

Icon seems appropriate...!

Microsoft Hyper-V floats Chinese military Linux


About face...!

I agree with your sentiments but not necessarily your conclusion...

1) the code is closed (enough already not use it right here), the development and maintenance can't be controlled by the customer;

Are customers savvy enough to understand the code to "control" it...? Also, with a closed OS, the addition of malcode is significantly less likely than open source where *anyone* can edit it. Remember the unconfirmed NSA claim a few years back they put backdoors into Linux...?

2) MS Windows' the OS because of its architecture peculiarities is not secure due to its lack of permissions and setuid/setgid model, and existence of very vulnerable protocols like RPC;

Hm. There are plenty of hacks that leverage "S" or "G" to elevate privs. Also windows does have a full permissions model that has more functionality and granularity that anything I have seen except VMS. Regarding RPC, the protocol is not insecure. All the bugs in DCERPC are related to implementation or design faults of a particular interface. Implementation bugs are also not related to MS code. What about the rash of OpenSSH vunls that came out 5-6 years ago...? In reality, both Linux and MS offerings are likely to have implementation bugs. That is why testing is so important.

3) as a consequence of 2) any MS Windows Server host requires a 24/7 running resources-hungry antivirus software;


A hypervisor shouldn't need to run an AV product. No-one should be using the hypervisor itself. all it does is schedule access to resources for guest VM's.

4) MS Windows products are not as easy configurable as their Linux/BSD-based counterparts...

YMMV. GPolicy is very powerful especially with AD but the concept *is* difficult to catch. However once you have it, it is arguably easier than the messed up config files on a Linux / BSD box...

I have not seen the MS System Centre solution but the rumour I heard surprised me about what it could do.,

For my opinion, I think HyperV is worthy of consideration. Your arguments present one point of view from a pro open source standpoint.

I'm a security guy and MS is no longer the automatic bad guy.

I am not an MS or Linux fanatic. I just use them for my job and this means living in the real world where often the reason for making a particular choice is financial or political.

IPv6 on Mobile? Only if it's free



The MAC address does not have to be used to derive the host portion of the IPv6 address. This is for autoconfiguration on LAN's only.

Also, IPv6 has privacy options that can automagically change the EU IP address to spike the logs of webservers / ISP's.

Most importantly, the IPv4 / IPv6 addresses issued to handsets are dished out by the GGSN, not by a DHCP server or autoconfiguration. The telco is aware of the IMSI and MSISDN *before* the IPv4 / IPv6 address is allocated. Check the specs for GTPv1 release 9 on the 3gpp web site.

*THEN* RTFM on MIPv6 and you realise the scale of the problem...


Biting the hand that feeds IT © 1998–2020