* Posts by Mr. Flibble

62 posts • joined 23 Aug 2011


You wanna use GCHQ offshoot NCSC's threat intel feeds? Why not, say bosses

Mr. Flibble

We've signed up for pDNS at work

Unfortunately you can only use it in public orgs (in my case, a council), but seems a good idea. You have to request your IP range to be whitelisted so you can use their servers as resolvers, and you get a "portal" which shows you reports of usage.

In theory it will then warn you if it sees too many requests for dodgy domains, and weirdly our org has gone from "green" status (no problems) to "orange" in the past few days, but annoyingly I can't find out what actually caused the state to change.....

You can also give them your website URLs and they will scan them for known vulnerabilities periodically, which is also useful.

Techies tell BCS: More and richer data required if COP26 climate pledges are to be met

Mr. Flibble

Re: "the hardware range will be 100 per cent recyclable in the not-too-distant future."

@Mike 137 - totally.

Some of it may be security requirements - because vendors don't support old firmware or software, and the firms' security standards (or PCI-DSS), require replacements for perfectly good equipment in case they might have a security problem in the future, which the vendor is too cheap to patch.

A mate of mine gave me loads of Cisco 3750 switches and some old Dell servers (they have 2003/2008 stickers on them) from where he worked. The switches are perfectly usable, and after patching I am using them in a council for a migration project, as it's a right waste of money to buy new ones which will only be temporary.

For the Dell servers, they've got crappy chips in them, but I will be slowly replacing them with multi-core ones, maybe adding some RAM, and they will be more than adequate to run VMs on etc. for a small company.

I can't blame my mate's company necessarily, maybe they had a big increase in users or newer software versions, but then they could have swapped the CPUs and added RAM/HDs etc themselves.

It is ridiculous how much money is wasted on replacing stuff that's perfectly adequate, but just done because the vendor wants to extract more money.

Mr. Flibble

Re: @Mr. Flibble

@codejunky - thank you for the links, interesting stuff.

Chairman Mao did loads of stupid things, that is just one of many. I'm not exactly sure that more data would have helped, as he would have done his own thing anyway. How many others suggested he was wrong about things and were subsequently shot/imprisoned etc?

Unfortunately the video of Allan Savory doesn't load. I'll look for it elsewhere, but yeah, that's sad.

I wouldn't call Greta "tarnished", maybe there's people behind her telling her what to say, I don't know, but thanks to her, at least more people are thinking about the problems our economy and lifestyle is creating for future generations, and that is to be applauded.

Mr. Flibble

Re: @Mr. Flibble

I don't know, I'm not an expert on the subject, but there's a shitload of reports etc on the subject that recommends sensible things. The "energy shortage" is lack of planning, not lack of data. References for the rest please...

Anyway, don't worry about too many insects, we're killing them off too.

Mr. Flibble
Facepalm

"Yes! That's what we need! More reports and stats! There are only a few thousand reports on what is required to avert climate catastrophe, which is obviously not enough. This data collection and reports will only take a few years, only then will we actually think about fixing the problem."

.

.

.

Fucking morons. We need more action, not more data.

Judge in UK rules Amazon Ring doorbell audio recordings breach data protection laws

Mr. Flibble

HHJ Clarke said "...it appears from the evidence before me that even if an activation zone is disabled so that the camera does not activate to film by movement in that area, activation by movement in one of the other non-disabled activation zones will cause the camera to film across the whole field of view."

.... no shit Sherlock, that's how it's supposed to work

The planet survived six hours without Facebook. Let's make it longer next time

Mr. Flibble

Re: It will take a while

https://activitypub.rocks/ anyone?

Google staff who work from home might see pay cut under corporate policy – reports

Mr. Flibble

Re: Childcare

Maybe now she realises you have to pay for that energy use yourselves, she'll start wearing a jumper or close the window.

It's time to decentralize the internet, again: What was distributed is now centralized by Google, Facebook, etc

Mr. Flibble

Re: IPv6

You can have IPv6 if you choose a non-shit ISP.

Until recently you could also have a range of static IPs, and unless again, you use a shit ISP that uses carrier-grade NAT, then you can also request a static IP. Even ISP-provided routers allow you to do either port forwarding, and/or a default IP to forward on to a specific machine as a "DMZ".

Whilst hoarding IPv4 addresses is shitty - a previous company I worked at up to 2017 had a /16, and only used < 50 IPs.

The number of national ISPs that will give you working IPv6 (even mine had non-working DNS servers until I told them about it), whilst small, is >0, pick one if you're bothered.

However, I have just realised you're probably in the US, so maybe the situation is crapper than the UK....

Dell won't ship energy-hungry PCs to California and five other US states due to power regulations

Mr. Flibble

Re: @45RPM

"So why the hell did we insulate our homes if we are gonna boil"

Good insulation works both ways....

Restoring your privacy costs money, which makes it a marker of class

Mr. Flibble

Unreliable?

Not sure what u mean by that. It seems to work fine for me, maybe Nextcloud have broken that function after they split from owncloud.

My old owncloud server works perfectly for calendars.

Mr. Flibble

Could be South Korea

They do that kind of crap there....

Seagate UK customer stung by VAT on replacement drive shipped via the Netherlands

Mr. Flibble

Re: Should not have Netherlands VAT ...

Sadly WD were no better years ago for speed. I have had nothing but problems with drive replacements with them, even before brexit.

Another WD was "fake", even though I bought it from an authorised reseller, and the last one, they were complaining about the serial number, even though it wasn't fake in the end.

It took so long to get 1 drive replaced (a month) another one started failing and eventually I lost the array.

Before you laugh at my lack of planning, it was a personal system and I wasn't rich enough to have spare drives lying around...

For that reason I'm not buying WD ever again.

'Best tech employer of the year' threatened trainee with £15k penalty fee for quitting to look after his sick mum

This post has been deleted by a moderator

China bans encryption exports – including quantum and key management tech

Mr. Flibble

Re: @Christoph : Now I begin to understand

"The US couldn't possibly acknowledge that someone else could come up with something good, so they had to give it a new name.." - Not quite.

They'd already picked the name "AES" as a sort of competition to replace the "DES" standard. There were 8 (ish) competing algorithms at the start of the process, so whichever won would still have been called AES....

Signal goes Gaussian to take privacy to the next level: All your faces don't belong to us

Mr. Flibble

Re: Fix the bugs first

never mind... found it: https://getsession.org

Mr. Flibble

Re: question, my contacts

I think they hash the contacts' phone numbers and just store that centrally.

I was trying to find a link that explains it, but my search-fu is weak today :(

Mr. Flibble

Re: Fix the bugs first

Link for Session please :)

Namesco email 'scripting error' has last bastion of Demon Internet holdouts scratching their heads

Mr. Flibble

Re: Mercury Communications

Yup, and BT still show adverts on the web gui even though they're charging.....

What's the difference between Windows 7 and a bin lorry? One is full of garbage, and the other… oh dear

Mr. Flibble

Hmm, this wasn't a one-off occurrence - I saw one near Euston late last year, but it was too interlaced for my crappy phone camera to take a good picture while it was moving :(

There are already Chinese components in your pocket – so why fret about 5G gear?

Mr. Flibble

https://berthub.eu/articles/posts/5g-elephant-in-the-room/

Bon sang! French hospital contracts 6,000 PC-locking ransomware infection

Mr. Flibble

DAMN YOU DIGITAL TRANSFORMATION!!!!

Am I the only one that thinks that the phrase "Digital Transformation" is retarded?

Questions hang over Gatwick Airport after low level drone near-miss report

Mr. Flibble

Obligatory link

https://media.ccc.de/v/Camp2019-10235-the_great_british_drone_panic

If there were almost a million computer misuse crimes last year, Action Fraud is only passing 2% of cases to cops

Mr. Flibble

I tried once

Not going to bother again.

Yes, it was low priority - someone from "Microsoft" saying my windows had expired etc etc, but their stupid web form didn't bother asking any relevant questions that could help in a potential investigation.

Waste of time. I just think it's for gathering stats, not actually trying to fix anything.

Here we go again: US govt tells Facebook to kill end-to-end encryption for the sake of the children

Mr. Flibble

Re: Watch your back

It's also available on f-droid:

https://f-droid.org/en/packages/org.telegram.messenger/ apparently with some tracking crap taken out.

I use it, and so far, so good....

In hilariously petulant move, Apple shuts Texas stores and reopens them few miles down the road – for patent reasons

Mr. Flibble

Re: re: worst parasites

That's exactly what happens, watch this: https://www.thepatentscam.com

Hold horror stories: Chief, we've got a f*cking idiot on line 1. Oh, you heard all that

Mr. Flibble

German Bastards

Our HQ was in Germany, so they were usually an hour ahead of us in the UK.

Once we had a network problem, so I rang them up at about 4.25pm (UK time) to let them know. The phone rang, and then silence.

So I rang again, same thing. I thought they'd all disappeared off home early, and muttered "Bastards!" as I hung up.....

....

A few minutes later, someone rang my number and said "er... hello.... you called us bastards?"..... It turned out they were still in the office, it was just they could hear me, and I couldn't hear them... oops!

I apologised profusely, and they were surprisingly OK about it.

For several weeks afterwards they signed off their emails to me with "from the German Bastards" :)

Marriott: Good news. Hackers only took 383 million booking records ... and 5.3m unencrypted passport numbers

Mr. Flibble

Re: Stored data

PCI-DSS compliance centrally? No idea.

At certain Starwood hotels I was working at this year, they clearly weren't, which was a little surprising. PCI-DSS was a big deal at IHG a few years ago (maybe because they'd been hacked in the past and knew they'd be fined next time).

Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years

Mr. Flibble

Re: Remind me

Because you could have legged it with all the bathrobes/been smoking in a non-smoking room/trashed the place.

None of this will be found until hours after checkout when housekeeping goes round to clean rooms etc.

Mr. Flibble

Re: Card numbers

1. Not all hotels have Opera cloudy servers. Some are still physically at the hotel.

2. It's quite possible that they breached "Valhalla", their back-end reservations database. This is probably why it is limited to Starwood hotels and not the whole group, as Marriott use a different system.

Mr. Flibble

police-requested guest registration

Italy does this too, but they only get transferred from the hotel systems "on request".

PINs and needled: Experian site blabbed codes to unlock credit accounts for fraudsters

Mr. Flibble

Re: Can someone tell me why?

I agree with most of your points, however, once I swapped my bank (savings only), and they spent ages giving back my personal details, so I went in to complain, and they said they were sorry, but they were waiting for a credit check to complete.

When I asked them why that was needed as it was only a savings account, they said it was because they were also offering a non-savings account at the same time (which I didn't want, and didn't ask for), so there's no guarantee this won't happen when you open a normal account.

Remember that lost memory stick from Heathrow Airport? The terrorist's wet dream? So does the ICO

Mr. Flibble

Re: You only need a single hole in security to lose

Security Theatre? That's airports generally... Well, and being full of pointless no-cheaper-than-elsewhere shops...

Civil rights group Liberty walks out on British cops' database consultation

Mr. Flibble

Re: GDPR

Yes, it's great, but will any of them pay out?

UK chip and PIN readers fall ill: Don't switch off that terminal!

Mr. Flibble

We have been told it's a certificate problem....

Gent had a power cut yesterday, and now all the hotels of a certain owner can't process cards :(

Oops.

We got 2 replacements for our devices taxied to Brussels from Luxembourg yesterday to fix 2 that were broken here, but I doubt anyone else is that lucky.

We were lucky cos we were doing a migration at the time, and our provider (3C) thought that they had caused the issue I assume.

At least the replacements worked or that would be 1 more hotel broken.

Apparently I'm not allowed to reflash the broken devices myself for security reasons, which is a bit shit, as surely everything is cryptographically signed anyway isn't it??......... <tumbleweed>.......

Hackers able to turbo-charge DJI drones way beyond what's legal

Mr. Flibble

Re: unfortunately unsurprising

Nice!

That reminds /me/ of a time when I was using cheap walkie talkies at a horse jumping day to talk to my dad. After a few minutes a soldier came over to ask if we could stop using them as it was interfering with his trailer-mounted, army issue radio... oops!

We were slightly concerned that our crappy device could disrupt army comms :(

Apple will throw forensics cops off the iPhone Lightning port every hour

Mr. Flibble

Re: Easy good passwords, here I go again...

Which is fine unless you have to use foreign keyboards regularly, and then it becomes a bloody nightmare.....

US websites block netizens in Europe: Why are they ghosting EU? It's not you, it's GDPR

Mr. Flibble

Re: they waited 2 years for EU to fund the conversion...EU FAILED

Just because regulations change doesn't mean affected parties should get handouts.

Oracle sued over claims of shoddy service, licensing designed to force adoption of its kit

Mr. Flibble

@AC

Don't get me wrong, I like /Oracle/ products. It was so horrible going from Oracle DBs at Uni to MS Access in my job. (Yes I know they work at different scales (in terms of both capacity and cost), but it was a shock moving from a decent product to "My First Database Application").

It will be a happy day when I do not have to deal with Micros products ever again. Sadly that day is a long way off.

Mr. Flibble
Flame

In this case, POS does not mean "Point of Sale"....

Don't get me started, oh, wait, you did... sorry:

Someone told me recently that the only reason Oracle bought Micros was to lower their tax bill...

And no, he didn't seem to be joking.

Micros Fidelio support has been crap for as long as I have had to deal with them, but according to ex-colleagues they've got worse still, which is hard to believe is possible.

Their tills are ridiculously expensive for their specs, and when I contacted them about a directory traversal attack on their crappy software, I was told that it wasn't a security problem and to go away!

Oh, and don't get me started about that piece of crap Property Management System called Opera that they keep saying only supports an antiquated version of Java, and needs 15 specific browser settings and IE in compatibility mode to work properly....

I mean, sheeet, the company is too tight to even buy an SSL cert from a company that any browsers know about, and that's their cloudy platform, not just some random internal server!

Last year, a project was delayed because Oracle shut down their ordering systems for a month so we couldn't order any upgrades! What sane company does that???

</rant>

'A sledgehammer to crack a nut': Charities slam UK voter ID trials

Mr. Flibble

Significant barrier?

"Voter ID reforms present a significant barrier to democratic engagement and could disadvantage young people, older people, disabled, transgender, BAME communities and the homeless"

I'm confused, I thought you had to have an address to vote anyway, so that won't make it any worse for the homeless, surely? (Not that I'm for or against Voter ID at the moment).

Stand up who HASN'T been hit in the Equifax mega-hack – whoa, whoa, sit down everyone

Mr. Flibble

Re: Can't even be arsed to use an Equifax cert?

Yes, quite. Sometimes I think I'm in a very small minority when I suggest this to people - they usually just look at me funny like I've said something insane.....

Connectivity's value is almost erased by the costs it can impose

Mr. Flibble

Re: Amazingly still not going dark...

Our house is rapidly turning into that due to us adding that aluminium foil-backed celotex/quinn therm insulation :(

If we're not careful we'll need an AP in each room and an expensive controller :(

Skype-on-Linux graduates from Alpha to Beta status

Mr. Flibble

Re: I would be interested to know...

It's still in heavy development.

For me it's a toss-up between ring and tox (https://tox.chat).

They are both promising, and I'm running a relay for tox to help out (and for ring if OpenDHT will behave on my system).

The major problem on both is lack of caching messages for someone if they are offline. When that gets fixed they will be awesome!

Go ahead, build better security: it just makes crims try harder

Mr. Flibble

“All [better security] it means is that you will piss off the bad guys and they will become more sophisticated.”

Isn't that the idea?

Sophistication usually means more effort is required, and therefore surely some will give up or choose another less-well secured company?

Patch Cisco ASA ASAP: DNS, DHCPv6, UDP packets will crash them

Mr. Flibble

Re: Too bad they charge for updates

Yes, unfortunately they are.

However, at least their website lists the checksums for free, so at least you can erm, find the files from other sources and check they aren't backdoored...

Is Kazakhstan about to man-in-the-middle diddle all of its internet traffic with dodgy root certs?

Mr. Flibble

Re: South Korea is already doing it.

To be fair to them, the current CA (valid from 2014 to 2017) is only for "*.gvpn.go.kr"

Windows 10 is an antique (and you might be too) says Google man

Mr. Flibble

Re: Revisionist

Yes, and no need to reboot lameness if you change your DNS servers or add a modem etc. like on NT4

Anons blow Japanese airports off-course in dolphin cull protest

Mr. Flibble

@AC - whale oil beef hooked

<shrug> Oh well, at least it's bringing attention to the situation as the government isn't likely to do anything about it without extra pressure, so that's fine with me.


Biting the hand that feeds IT © 1998–2021