Re: $450Million per quarter
I thought the correct spelling was Xitter?
Posts by spellucci
30 publicly visible posts • joined 30 Jun 2011
X boss Elon Musk tries to make nice with world at ad biz conference
PostgreSQL pioneer's latest brainchild promises time travel to dodge ransomware
Thursday 28th March 2024 20:03 GMT
Exfiltration is also a risk
This seems to only protect an organization whose data is encrypted in its database with an unknown key. The other risk in ransomeware attacks is that of having the organization's data exfiltrated and held for ransom by the criminals. I do not see how DBOS will address that risk.
The AN0M fake secure chat app may have been too clever for its own good
Now that Trump is useless to Zuckerberg, ex-president is exiled from Facebook for two years, possibly indefinitely
Facial recog firm Clearview hit with complaints in France, Austria, Italy, Greece and the UK
Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript
Rotherwood Healthcare AWS bucket security fail left elderly patients' DNR choices freely readable online
Careful now, UK court ruling says email signature blocks can sign binding contracts
Tuesday 1st October 2019 22:42 GMT 
My Sig
IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humor or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorized (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the Yorkshire terrier next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites and place it in a warm oven for 40 minutes. Whisk briefly and let it stand for 2 hours before icing.
Facebook: Remember how we promised we weren’t tracking your location? Psych! Can't believe you fell for that
Bright spark dev irons out light interference
Friday 16th November 2018 12:11 GMT 
Office 365 Slogan
I had the devil of a time parsing the Queen's English title to this story. Yes, I'm from the other side of the pond.
"Bright spark dev irons out light interference"
What is the verb in the title? Spark? No, sparking a dev iron doesn't make sense. Out? Better, in the sense of exposing or "outing" something. But what does it mean to have a dev iron expose light interference? Light? No, too far into the sentence. Iron, as in iron out? Ah, now we're getting somewhere. But what is a spark dev, and what does it mean for a spark dev to iron out something? I think I need to go back to school to study English at Cambridge on the River Cam instead of Cambridge on the Charles River.
Bruce Schneier: You want real IoT security? Have Uncle Sam start putting boots to asses
Friday 9th November 2018 20:26 GMT 
Really Lousy Idea
A big IoT issue is the number of devices that do not auto update, and as a result fall prey to being commandeered into botnets. My Really Lousy Idea (TM) is that if a consumer owns a device that gets taken over and used in, say, a DDOS attack, that consumer is held accountable for damages. Imagine the damper that would put on buying IoT devices that are not really damn secure, or at least auto update.
Security MadLibs: Your IoT electrical outlet can now pwn your smart TV
Wednesday 12th September 2018 16:29 GMT
Help from America
Americans,
You are big consumers of this IoT stuff. And big producers of law firms. Can we arrange for you to create a class action lawsuit or two? Lawsuits that hold individual IoT owners liable for their unpatched devices contributing to, say, the DDOS attacks that those devices take part in.
"If you own device X, and you cannot show it was fully patched, you are hereby assessed $50,000 for damages your device caused." When said device cost $50. That will slow down sales. And have the manufacturers make sure their devices can be patched so we can at least have a chance at keeping them secure.
Sincerely,
Well, everybody
Windows 10 Insiders see double as new builds hit the deck – with promises to end Update Rage
Thursday 26th July 2018 19:22 GMT
Office 365 Slogan
I get the frustration but YIKES is managing an update stream as complex as the Windows Update stream a complicated beast. I am happy for Microsoft to test all the interactions of all the different updates and make sure that that particular mix of updates works together. For me to disable one of those updates would require me to have knowledge of the update interactions that I would not want to have to wade through, thank you very much.
Open Internet lovin' Comcast: Buy our TV service – or no faster broadband for you!
Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors
Fine, OK, no backdoors, says Deputy AG. Just keep PLAINTEXT copies of everyone's messages
Tuesday 31st October 2017 15:12 GMT 
Dear Mr. Rosenstein
Here is what I wrote to Mr. Rosenstein today.
Dear Deputy Attorney General Rosenstein,
You made an important case for public/private partnership in your remarks to the 2017 North American International Cyber Summit. At the end of your remarks, however, you undermined the credibility of your message by asserting, without proof, that it is possible to have strong encryption that is both secure and available to law enforcement, and that the challenges involved are simply engineering ones.
I was taught in school that ignorance of the law is no excuse. Likewise, ignorance of the fundamentals of encryption does not excuse the fallacy in the both-secure-and-available claim. If authorized individuals can access an encrypted message, then so can unauthorized individuals. Please do not set policy based on the false assumption that this issue can be somehow worked around by engineering. This is not an engineering problem and does not have an engineering solution.
Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site
Wednesday 27th July 2016 16:39 GMT
Already fixed
This bug only affected Firefox users and was fixed in version 4.1.21a. See https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ for details.
Empty your free 30GB OneDrive space today – before Microsoft deletes your files for you
Friday 15th July 2016 10:14 GMT
Decent Security has a workaround for Windows 7 clean install issues: https://decentsecurity.com/enterprise/#/windows-7-fast-update/.
This is more of an enterprise solution, as the author says the solution is "unwieldy" but it might get you past the known issues of trying to use the unpatched Windows updater.
Put your private parts on display if you want to keep earning a living
Monday 18th January 2016 22:25 GMT
Re: The first three paragraphs
Could you, or any other kind readers, determine the actual topic of this article? I read through it a number of times, but could not tell what was real, what was the author enjoying the writing, and what the story was about. Many pardons if it is obvious to others, but I didn't get it.
Hello Kitty hack exposes 3.3 million users' details, says infosec bod
UFOs in the '50s skies? CIA admits: 'IT WAS US'
Friday 2nd January 2015 12:49 GMT 
UFO at Otis AFB
There is a family story from the '60s or '70s about a man in Bourne, MA, USA who covered a box kite in aluminium foil, attached battery-powered lights, and flew it after dark on a r-e-a-l-l-y long string. He was listening to the police radio to see who noticed. The nearby Otis Air Force Base, that's who. He reeled the kite in rather quickly when the Air Force scrambled two fighter jets to intercept it.
Why Apple had to craft a pocket-busting 5.5in Plus-sized iPhone 6 (thank LG, Samsung etc)
Wednesday 10th September 2014 11:14 GMT
Gaining hardware but losing software = losing market share?
My teenage sons both have iPhone 4 phones that are just about to be able to replaced for free through my mobile carrier's two year contract renewal plan. I showed them the new iPhone 6s yesterday, and both of them said they wanted to go Samsung. What?!
My eldest said he uses his phone primarily for music, and he is tired of the loss of more and more of the features he likes due to software bugs. That resonated for me, because the only reason I buy iPods, and I have bought several, is to listen to podcasts. The podcast features I like have slowly disappeared over time due to software bugs. (E.g., I used to be able to sync the podcasts to my iPod and listen to them in order--feature now broken. E.g., the podcasts used to be removed from my smart playlist as I listened to them on the iPod so the most recent unheard podcast was always at the top--feature now broken.)
Is the technical debt of Apple's software catching up to them in a way that will dampen new sales? In my small market survey,100% of iPhone users' reaction to the new iPhone is not to get a new one--for free--or even an old one, when their contract is up, but to switch to Android.
Biting the hand that feeds IT
