* Posts by netminder

81 publicly visible posts • joined 10 Aug 2011


Talk in Trump's tweets tells whether tale is true: Code can mostly spot Prez lies from wording


Re: Covfefe

The tangerine terrorist never starts his day before 9AM, needs to get his ego stroked by Fox & Friends. There are long periods on his official schedule for 'executive time' which is naps & ego enrichment in front of the TV. He is not overworked & is as sharp at 2AM as at 2PM

'Desperate' North Korea turns to bank hacking sprees to rake in much-needed dosh


Re: Interesting...

Maybe news is slow getting to Saint Petersburg.

Determining the source is a complex analysis of the code used, the C&C systems used and previous behavior. It takes time, so ignore the early guesses, but work done by reputable organizations over time is very accurate.

B-Ark passengers to control most IT spend from 2019 onwards


Fate of the Golgafrinchans

It should be noted, according to Mr. Douglas, the entire race of Golgafrinchans died out from a disease acquired through the use of a dirty telephone.

While Zuck squirmed, Reddit revealed it found and killed 944 Russian troll factory accounts


Re: I don't believe it.


This is exactly the type of post a Russian troll would provide. Pretend they are innocent but the EEEEEEEEEvile big brother is hurting us all by shutting down alllllllll dissent. There is no evidence that dissent is being suppressed or that reddit is acting in any way to defend the actions of the US at home or abroad. But you did your job today, you tried to sow discord and undermine best efforts.

What's silent but violent and costs $250m? Yes, it's Lockheed Martin's super-quiet, supersonic X-plane for NASA


Re: SIG!

One problem with the sour grapes theory is that the US also outlawed military craft from generating booms over the US. I heard them as a kid and they would shake houses, you would not want 50 of those a day going overhead.

What killed Concorde was that it ate fuel like it was oxygen so tickets had to be pretty expensive. Very few people were willing to pay the premium just to get there a couple hours earlier. If half this thing is going to be nose, economic viability is in doubt.

Tech’s big lie: Relations between capital and labor don't matter


Re: the "only solution" you forgot

A large part of what is stopping unions is the glibitarian techbro attitude that I am a special little snowflake and can do better on my own than we can all do together. They have been fed this lie for years & internalized it to a point that they can't see anything different.

The strange case of the data breach that stayed online for a month


Not making the situation worse is OK in my book. There is no reason to give specific information when doing so increases the likelihood of further harm. The people who are at risk for having their PII exposed deserve better than their company gave them & there is no need for Reg to make things worse.

Name and shame the company after the data has been secured.

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation blitz


Re: 'internet was not designed to support the applications that now rely on it'

I know that FedEx has penalty clauses built into contracts where they provide services. I have no way of knowing if they ever paid a 'fine' but I did hear that they had every available employee hand sorting. With a revenue of $50B a cost of 0.6% would not be surprising.

Maybe if all these companies would listen to their security people and patch they could have saved most of that money.

If you've ever wondered whether the FCC boss is a Big Cable stooge – well, wonder no more


Re: Pardon?

It is an interesting world inside your head. A world where pointing out the public behavior of a public official is "two minutes of hate". Is anything in the article untrue? Nope. Given the obvious behavior is anything unkind? Perhaps, but not mindlessly so.

Just because the chickens are coming home to roost and you don't happen to like it does not make it hate. You voted for this, you defend this clod & his boss as best you can (which, admittedly, is not well) and then when you get what you have coming to you, you whine that the truth is hate.

Industrial systems scrambling to catch up with Meltdown, Spectre


responding responses

" . . . the long list of vendors responding responses to the Meltdown . . . "

Is 'responding responses' one of those clever UK Englishisms we here in the colonies are unaware of?

Missed opportunity bingo: IBM's wasted years and the $92bn cash splurge


Execs made out like bandits

Unmentioned is that buy-backs increase share value and greatly enrich the executives who hold major amounts of options. The new tax law will make this stunt even more popular.

Buy-backs are not betting on the company, they are theft of worker and shareholder value for the immediate enrichment of the BoD

Republican tax bill ready to rescue hard-up tech giants, struggling rich


Re: I don't get it

Ah, so you are an idiot incapable of actually understanding what actually happened outside your wingnut bubble. Thanks for making that clear so we all can discount anything you say and ignore you.


Re: I don't get it

Social Security and Medicare are paid for by wage earners. Every paycheck up to $108k a year has deductions for them. This is cutting taxes on the top 5% while stealing what is in truth an insurance payment (for retirement care) from workers. It has been proven over and over these last 40 years, tax cuts do not pay for themselves, they do not create jobs and they do cause worsening income inequity.


Re: I don't get it

You don't get averages? If Bill Gates and I were in a room the average net worth of everyone in that room would be 10s of billions of dollars. The average savings of 2.2% for you will be substantially less when Mr. Gates gets his 12% reduction.

Add that this is going to blow a USD1.5 trillion hole in the budget that they intend to use as an excuse to steal Social Security and Medicare money (money that working people are paying in every paycheck for) to try and fill and that pittance that is your end is not going to pay the rent. Or anything really.

YouTuber cements head inside microwave oven


On the Internet nobody knows you're a dog.


Cement heads

The stunt was redundant, they were already cement heads to begin with

'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal


Re: Plane accidents vs Infosec fails

I was extremely proud of my organization: after a well-publicized incident there was a major review and audit using multiple internal and external sources. Causes were identified and plans were put in place to not make the same mistakes again. The problem is exactly as you describe, security is expensive. We are many times better secured and better prepared because of the work already done but still too far from perfect because of the big 3 - politics, religion and money.

Seek 'passion' and tech skills will follow, say recruiting security chiefs


Re: "Good grief", said Charlie Brown.

I find pretty much the opposite. Headhunters are sending me marginally qualified (if that even) candidates because they want the bonus money. Because I started in security long before it was common I have always dealt with lack of qualifications (hell, I was not qualified on paper for a couple jobs I was successful at).

What I have done is look for 'markers of success'. On resumes & during interviews I look for explicit examples of them doing more or learning more than what was required along with the realization that they don't know nearly enough. I am about 80% successful in getting people who can handle the work. Average around here with managers who care about GPA and buzzword bingo card CVs is closer to 50%

National Cyber Security Centre boss: For the love of $DEITY, use 2FA on your emails, peeps


Re: Building those capabilities

It means that government jobs pay shit & the reason for that is because taxpayers whine when they are not paid shit. Same here in the US, demand the best, pay the least.

DJI bug bounty NDA is 'not signable', say irate infosec researchers


that's nice

I think we all can read that in the story but the question was HOW did they do that? What words made this the case?

Crouching cyber Hidden Cobra: US warns Nork hackers are at it again with new software nasty


Re: Attack of the Nork cyber bogeyman ..

I wish being that stupid hurt you as much as it hurts the rest of us to have to listen to it.

WikiLeaks is wiki-leaked. And it's still not even a proper wiki anyway


Re: Leakedleaks.

I'd love to know what Putin has on Assange.


Re: Leaked leaks did not come from WikiLeaks

What's the weather like in Kiev these days, comrade?


Re: Shower of shites!

"By the way, if you understood Russian a bit you'd know that all Kremlin state media were 100% rooting for Hillary during last campaign."

That is some nuclear grade bullshit right there. You are either really stupid or hoping everyone else is


Re: Shower of shites!

Given that Wiki edited the emails before release you may want to recalibrate your concern. Then there is the whole issue of Wiki getting all its leaks and directions from Russian sources, if you are more concerned about the workings of the DNC than the machinations of Putin and his oligarchs you are part of the problem. Remember, it could just as easily be your boy Trump they decide to torpedo next time, comrade.

Sole Equifax security worker at fault for failed patch, says former CEO


Re: Double failure

There is a third failure. They failed to have prevention systems in place. WAFs, properly configured, would have stopped the attack since it used known strings.

But let's all ruin Gerry from security's life and career because we dropped a billion and still couldn't stop the simple stuff.

Targeted, custom ransomware menace rears its ugly head


Re: How much lockdown is enough?

Actually I think most admins would like to do away with password protected accounts so they didn't have to deal with resets.


Re: Custom ransomware menace rears its ugly head

Looks like nobody got your sarcasm here. Sad.

WannaCrypt: Roots, reasons and why scramble patching won't save you now


Perhaps it is not the risk committee at fault?

Being in charge of risk for a huge, quasi-governmental organization I can tell you that very often the alarm sounded for specific risks (such as running XP) is ignored. Naturally, once the barn is on fire (thanks WannaCry) the IT side of the house desperately wants to lock the door.

The solution is to put the risk squarely on the group demanding the risk be taken. If I go to the 'x-ray' department & say "XP is putting the entire place at risk, here are options for things to do to reduce that risk" and their response is "It is cheaper to keep our old X-ray machines" then THEY have to sign off that THEY accept the risk, not us. If we did not warn them or gave them poor information that would be our fault.

My guess is the arms of the risk folks at NHS are tired from waving like madmen trying to call attention to the situation & the same old 'legacy apps' shit was all they were given.

US Homeland Security is so secure even its own staff can't log in


Re: This is exactly the standard of government computing

I have been in IT consulting for 25+ years. I have worked at Fortune 50 companies, mom-n-pop companies, several different States' agencies and the Federal government. Other than the scale they operate at I have seen no difference between government and private IT. They are all generally poorly managed by people who do not understand security at all & many with only rudimentary understandings of IT. Once the organization is sufficiently large enough, shit happens a lot more often and is dealt with a lot less efficiently.

Apple to Europe: It's our job to design Ireland's tax system, not yours


Re: Fascinating

The whine is always that the US has one of the highest corp tax rates in the world. Ireland is often used as a comparison because their rate is so low. The deal is though that because of all the tax breaks companies pay LESS in taxes in the US than they do in Ireland. The repatriation dodge is just that, a dodge. They will not bring that money into the US until they can do it for free, or nearly free. There will be no great windfall for the government.


Re: Fascinating

Sadly, this is hardly an American-only trait. Get used to it because many non-American companies operate on the same rules & this brave new world we live in makes it easy for them to do so.

Talk of tech innovation is bullsh*t. Shut up and get the work done – says Linus Torvalds


Re: Or, in the vernacular ...

Hair Furor is orange by choice, President Obama was not given a choice. That is the difference between labeling. The Tangerine Tantrum invites the abuse, it would be impolite of him to not accept it.

The Register's guide to protecting your data when visiting the US


Re: "I've been to the US numerous times over the last 30 years "

But he came from that foreign land Republicans have only heard of, Hawaii.


Re: Timely advice

My grandfather's brother and his wife lived in East Germany. Before he retired he or his wife could visit the West but not both at the same time. After he retired they were free to visit his son in the West whenever they wanted to go. Had they not returned, West Germany would have paid his retirement & the East would have been very happy about that. He always chose to return though because it was the only home he had ever known.

Ex-NSA contractor Harold Martin indicted: He spent 'up to 20 years stealing top-secret files'


The real failure

So this guy had to have regular lie detector tests along with in person interviews and a host of other checks that come with an SCI. But for 20 years they could not weed this guy out. There is the real failure, a reliance on a pseudo-scientific toy and sloppy profiling.

Honeypots: Free psy-ops weapons that can protect your network before defences fail


Sadly, my boss is ex-LEO & hearing "honeypot" only thinks "entrapment" because his solution to everything is to try and arrest the criminal. sigh

Trump's cybersecurity strategy kinda makes sense, so why delay?


Re: "two regulations are torn up for every new rule introduced"

Well, that's the thing, isn't it? Trump supporters don't think. Trump supporters believe their 'gut' is smarter than their brain, that if they want to believe it badly enough it will be true, that truthiness beats reality every time and anything they don't understand is witchcraft & must be destroyed. The fucked up electoral system, designed to protect the slave holders from reality, has put these people in charge despite them being the minority of the nation. We are screwed.


Re: "Responability" without authority (to make it stick)

My agency has undergone years of budget cuts (real ones kids) and mandates to not hire so replacements are often high-priced contract help which just exacerbates the cash shortage. Add the sort of reluctance all senior management appears to have about giving money & power to the security shop (I saw this in private industry just as strongly) and the inertia we need to overcome is pretty large. We are making progress just not fast enough.

GCHQ cyber-chief slams security outfits peddling 'medieval witchcraft'


Sadly, given the actions of State actors like Putin we will soon have neither anyway.

With net neutrality pretty much dead in the US, your privacy is next


You could have shortened your post by simply posting:

"I am a moron who fell for a bunch of propaganda and will be stunned after we are all fucked over"

Trump decides Breitbart chair Bannon knows more about natsec than actual professionals


Re: Countries targeted vs countries not targeted:

15 of the 21 9/11 hijackers came from the same country. A country that is not on the list. A country known to have financed the 9/11 attack, if not officially certainly tacitly. The EO not only does not make the nation more safe it demonstrates to Muslims that the US really is at war with them which suits the propaganda efforts of ISIS and similar.

Trump lieutenants 'use private email' for govt work... but who'd make a big deal out of that?


No, there were not "many", there were 3 & at least 2 of those were not classified until AFTER they had been sent.

Please try to follow the information provided & not the BS of one party

Remember the Republicans investigated this issue NINE TIMES and could find no evidence of wrongdoing or the mishandling of classified information.

Trump's FBI boss, Attorney General picks reckon your encryption's getting backdoored



All you tech fanbois in the US who were so happy to stump for this tangerine tantrum because you were not smart enough to recognize a fascist when he speaks are in for a jolly good rogering. You richly deserve what is about to happen to you. The rest of us, intelligent Americans and the whole world, do not. So congratulations assholes.

Sayonara North America: Insurance guy got your back when Office 365 doesn't?


Re: Business Decision

Chairman/CEO "You realise that if there is a business affecting failure it will be your successors' first task to end these contracts and bring the functions back in-house. The Business financial loss will be placed on your bonuses and pension funds on employee wages and benefits"

IT/CFO "I think we need to check it again. We'll get back to you. Sure, NO PROBLEM!"

Disney sued in race row: Axed IT workers claim jobs went to H-1B hires


Interesting take on positions

It is interesting that Trump, a man who has been caught employing illegal immigrants on his build projects and also found to have not paid them for their work. Even not paying ones that he was not caught using but using their status against them, should be considered a friend to American workers getting screwed by their employer.

If he actually ends up making things better for the Disney workers (or any of us under threat of this sort of thing) it will not just be a miracle, it will be a total 180 from his life-long history of labor relations. My guess is the leopard is not changing spots & workers are going to get screwed.


Re: Disney is despicable

You need someone to explain what the word 'racism' means to you.

In this case someone with power (Disney) laid off employees and then replaced them with people based on their nation of origin (India).

While recently courts have muddied the waters a bit Disney chose to hire only people from one country and that used to be enough to find for the plaintiff.

Snowden: Donald Trump could get pal Putin to kick me out of Russia


Are you sure Edward?

A couple of months ago Mr. Snowden said "America's election is a choice between Goldman Sachs and Donald Trump"

Savor that for a moment while contemplating the 6 current or former GS wanks the mango Mussolini has already appointed and then ask yourself why, when Putin and DJT's was well known before the election why it just occurred to Ed that this could be a problem for him.

Since Snowden is not a total idiot Occam's razor would suggest his current statement is simply a disinformation campaign to a) preserve his alleged independence from his current owner and b) somehow indicate that DJT was not really Putin's candidate.

Ugh! Is that your security budget? *Sucks teeth and shakes head*



Disagree on 1 because the article might save someone $200. Don't care about 2, one person is ok as long as it is understood it is an opinion. Agree with 3&4 which are pretty much the one point anyway. 5, Seriously? That's your take? I couldn't disagree more with you than on 6. 20 years of consulting at companies large and small has shown me that executive management has no clue what the numbers really mean, what their actual risk really is or what is actually being done with the money to reduce risk.

Trump's torture support could mean the end of GCHQ-NSA relationship


Putin's loss

Given Trump's close economic ties to Russian banks & work Putin & company did to groom him not sharing intel with the US will at least reduce the chances the Russians will get it. Nice work USA! Elect a total incompetent moron as your leader because you don't like his opponent. Please don't pretend to be surprised he is exactly who he told you he was