Posts by Jamie Jones 4304 publicly visible posts • joined 14 Jun 2007
Could the national security service intercept a download request and insert their own malicious version? Inquiring minds would like to know beneath their tinfoil hats!
I don't know about Linux, but FreeBSD keeps sha256 checksums of all it's distfiles (seperate from the distfiles themselves!)
Noooooo! I was dragged kicking and screaming into SQL database programming for a while at my last job... left join this, select where this. learn to optimise your queries etc.... (even though this should be the database softwares job!)
Arrrrgh, database design is to IT as accounting is to maths.
I get cold sweats thinking about it.
Kill it.
Kill it with fire,
Kill it now!
Yes, yes, http isn't encrypted and is insecure, but it still doesn't mean open the whole database is going to be readily available to the public!
Assuming the user isn't using a passwordless public wifi access point without a vpn, to get the session data, you'd need to tap in to the connection somewhere - preferably as cose to the server as possible.
I don't think you'd be able to bribe someone at an ISP/transit site with the details of a few redneck trumpies!
Anyway, it would then be only the users connections being eavesdropped on - hardly blanket access to the whole db!
Agreed.
Have you seen some of the so-called 'pranks' on youtube. Sigh.. They seem to think filming them makes them funny and OK.
Here's a hint for them: If you do something nobbish to someone, it is still just as nobbish if it's being recorded. The only difference is that you're now not just a nob, but are a nob with a camera.
Apologies.
I was getting mixed up with Uncyclopedia but it wouldn't surprise me if ED met the same fate.
Encyclopedia Dramatica is one of the more amusingly offensive destinations on the web.
Is it? I haven;t been there in years. It used to be good, but the site was overrun with brain-dead morons who kept replacing decent and witty satire with low-level toilet-stall graffiti.
And it could (will) screw up LANs everywhere.
Yep, it will do, in many places, and that brings up a security can of worms..
Basically, such infrastructure is not secure. There should be no way your internal network can be affected by external changes. Organisations whose infrastructure was affected by the verisign 'wildcard A instead of NXDOMAIN' fiasco of a few years ago should have seen it as a wakeup call, but alas...
" A tracert even had me getting out of virgins network hanging for 3 attempts then moving to BT onto manchester (where website is hosted) then hanging at the last hop."
That is simply a router that doesn't respond to ICMP (*) but tracert waits anyway until timing out.
Annoying, but not weird, or related to any network issue you have if your trace moves beyond it.
As for your problem, are the MTU values the same? And have you filtered ICMP at the router, so stopping the OS receiving any ICMP 'need defrag' messages from being received?
MTU issues wouldn't affect the traceroute, but the website could be blocking ICMP - Did the tracert succeed on the machine which could connect to the website?
(*) MS tracert defaults to using ICMP probes, unix tracetoute defaults to using UDP
I've been evaluating the budget Q8H_HD Android tablet, and it's actually a lovely piece of kit for under 30 quid.
However, it comes preinstalled with a hobbled browser that hard codes their search engine referral-url (to ask.com .... no surprises there) and home page, and also a utility that regularly phones home with a bunch of details, hardware id, google account details, and receives instructions for new apps to update/install, and those to delete (trend micro anti-virus) is on the list.
Worse, it's been flashed into the firmware to reinstall itself if deleted, requiring a complete reflash to remove (fortunately there are ways to disable it without reflashing)
Relatively benign at the moment, but basically a root-kit, especially as the Linode-hosted C&C servers are accesed over unencrypted http using non-DNSSEC dns entries...
I'm still not sure whether it's the shop, the distributer, or the manufacturer who is responsible for this, but like Sony, and now Lenovo (for the second time) it's yet another company doing stuff that would get an individual doing the same a custodial sentence
Whilst UK politicians rally fast and loose with the term 'terrorist' (to intentionally scare the populace), in America, it seems to be used by many who simply don't know what it means.
Someone commits murder in the community, and isn't caught? Residents terrified. Ergo, terrorist.
Ditto, women scared to go out at night when there's a rapist on the loose? they're terrified. Ergo, terrorist.
erecting walls and routing corridors like in Dark City
Or 'Thir13en Ghosts' - particularly the 'split lawyer' scene! [ Warning: Graphic / gore ]
But, no, that does not mean you can buy an old, damaged CD from a car boot and then download a copy off the Internet because you've "bought it already".
Why not? They keep banging on about the fact you are paying for a personal license for the media. However damaged that old CD is, originally the same full price was paid for it.
I've NEVER had real spam to my Google email address, but regularly have to check it to pull out false positives, so make that a 100% false-positive rate for me.
I was annoyed when I discovered what was happening, so went to disable it. But can you? Like hell!
"I know, let's add a feature that silently deletes peoples email..... and make it so that it can't be switched off!"
[ Yes, you can get around it by creating filters to automatically undo the spam categorising, but what's wrong with a simple "Off"? ]
" Those on rooted devices can get around this by manually backing up the apk file, but it's still a pain in the arse and it'd be good to have a better way of handling it - say a "test update" option that backs up the existing version & config to a separate location, installs the new one and lets you test it, but keeps the existing version until you fully accept the update."
Nice idea, though I suspect they don't want to have people running all sorts of old versions, otherwise they would make them available.
Though, after being bitten by that too may times, I'm now running a home-grown auto-apk backup on all my android devices.. Every version of every apk I install is safely archived on servers both on and off site.
Take that crappy BBC-News-App-which-used-to-be-fast-and-usable-offline-but-is-now-basically-a-reskinned-web-browser!
... that a company can readily admit:
"Please note that since the above real-time protection products have limited effectiveness on PCs that do not have the latest security updates, your PC will still be at risk for infection," Redmond says.
and no-one raises an eyebrow
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
