So ...
... don't open files from the internet?
I think I may have heard that advice before. ;)
Posts by Nerf Herder
58 publicly visible posts • joined 3 Oct 2011
Everybody is WinRAR phishing, dropping RATs as fast as lightning
Apple hopes to save Siri from laughingstock status with infusion of Google Gemini
Hong Kong’s newest anti-scam technology is over-the-counter banking
Wednesday 31st December 2025 11:51 GMT
Re: Yep, the right step.
I'm not saying that's how it is, merely that's how I would like it to be, and, yeah, I've also been directed to "use the app". Didn't we have a banking Royal Commission that looked at the egregious behaviour of banks? One could be forgiven for thinking that the gummint wasn't really interested in holding banks to account ... or looking after people's interests ahead of corporate profits ... but surely not. Right? Right!?
Wednesday 31st December 2025 09:42 GMT
Re: Yep, the right step.
It's a similar story in Australia - many branches closing, though mostly regional - there are still "enough" branches in major cities to get by.
I like the idea of face-to-face banking. While the convenience of internet/app-based banking is great for paying bills or contactless payments in shops (if you like that sort of thing), it obviously brings with it all kinds of security and privacy exposure. If these kinds of savings accounts were available in Aus, I'd definitely have one. And if I need to get myself sorted to bring my 100 points of ID to move money, then that's on me and I'm completely OK with that. It would be even better if the staff know me by sight.
For more of the 'bleeding obvious', tune in next week when we'll discuss not writing your passwords on the whiteboard at work.
UNIX V4 tape successfully recovered: First ever version of UNIX written in C is running again
Wednesday 24th December 2025 02:46 GMT
Re: /usr
My first exposure to Unix was BSD4.2 running on a PDP11/70. User access was via traditional green monochrome 80x24 terminals, each connected over an RS232 serial interface. One of my uni projects was designing an RS232 interface box (microprocessor-driven) to add "smart" functions to the terminals. Alas, "smart" terminals in the shape of 80286 PCs arrived a couple of years later, quickly followed by client-server computing, so my box prototype never went anywhere and my chance at fame evaporated (well, OK, it never really existed, but I can dream).
I also remember that all our user "home" directories (this is before people qaintly started calling directories "folders") were in /usr.
Europe gets serious about cutting digital umbilical cord with Uncle Sam's big tech
Monday 22nd December 2025 11:10 GMT 
Shout It From The Rooftops
I'd love to see this article or a re-write (co-written?) with an Australian (where I am) focus published in regular (dare I say mainstream) media. Maybe The Guardian Australia might carry such a re-write in its technology section? I'm pretty sure our policy makers don't read El Reg.
I've been vocal for ages about the perils of the US CLOUD Act and have banged on about digital sovereignty for much longer. From what I've read, the UK is in a similar boat - far too dependent on US cloud infrastructure even for critical policing and security functions.
Sovereign digital infrastructure doesn't have to be the biggest, the best or the fastest; it merely needs to be sufficient for important and/or sensitive national functions.
Waterfox browser goes AI-free, targets the Firefox faithful
Really Simple Licensing spec lets web publishers demand their due from AI scrapers
Thursday 11th December 2025 01:06 GMT
Re: And then...
I've thought for some years now that there ought to be a public search engine or directory - the equivalent of the Yellow Pages (or Pink Pages depending where you are) that indexes all sites (that opt in) but not just for businesses, like back in the old days. If SEO isn't working or big tech is playing hardball, then at least there's something to fall back on. Practically, it might have to be limited by, or focussed on, one's own country.
Thursday 11th December 2025 00:59 GMT
Progress
Well, I figure it's progress. It should be up to each site how they interact with data scrapers - no crawler or bot should have an "override". If AI bots (specifically) have to pay their way, maybe the economic case for AI-enabled summaries won't stack up but (assuming they're permitted by robots.txt) regular search still does (via search > click-through-to-site > advertising).
If I were still running a site, I'd definitely adopt something like this.
Whatever legitimate places AI has, inside an OS ain't one
Tuesday 2nd December 2025 13:21 GMT 
Agentic Hypervisor?
The agentic platform might (in an ideal world) act like a Type 2 hypervisor - situated between the OS and the active user desktop (and application suite) if it's turned on and active. That seems like a reasonable way to do it - transparently intercepting a user action and turning it into a series of integrated application and system calls. And like a hypervisor, it ought to allow multiple agents to run simultaneously, if that's the way Microsoft wants to structure their AI. If turned off, the active user desktop would run normally (natively) over Windows without AI. The user could also switch on the fly between agentic AI and non-agentic (no AI) desktop that way, too.
I figure that could improve reliability, useability and stability as well as respect user choice.
Otherwise, like any good Type 2 hypervisor, it should be completely removable.
Anyhow, it's all academic to me - I use Linux.
Tuxedo Computers slams lid on Arm Linux laptop after 18 months of pain
Systemd 259 release candidate flexes musl support – with long list of caveats
Friday 21st November 2025 04:40 GMT
Re: Around systemd-400 …
Embrace, extend, extinguish?
Tbh, I haven't looked deeply into systemd's inner workings or expansion - I'm merely using it as that's what comes with my daily-driver distro - but it occurred to me recently that, if this trajectory is followed far enough, we may have to start calling our favourite OS "Systemd/Linux" instead of "GNU/Linux".
When Debian won't do, Devuan 6 'Excalibur' Linux makes the grade
Thursday 6th November 2025 12:52 GMT 
Oooohhh ...
... Linux that still takes some effort. Cool. And no Agent P in sight. Even better.
> "Call us cynical if you wish – it's true – but we suspect that this would be a great deal too much for the average Raspberry Pi owner."
To me, that's a badge of honour. Tearing some (more) hair out while solving perplexing install problems doesn't make me want to give up. It's more like, "Thank you, sir, may I have another?"
I look forward to beating myself with a paddle ... sorry, I mean ... playing with Devuan, soon.
Microsoft 365 business customers are running out of places to hide from Copilot
Square Kilometre Array is so sensitive, its datacenter needs two Faraday cages to stop RF leaks
Thursday 2nd October 2025 06:53 GMT 
One letter makes all the difference
"The SKA’s designers chose Murchison because it is remote and almost devoid of human activity"
You know, if they had changed the requirement by only one teensy-tiny little letter ...
"remote and almost devoid of humane activity"
... they could have put it in the middle of Canberra.
'Delightful' root-access bug in Red Hat OpenShift AI allows full cluster takeover
Criminals broke into the system Google uses to share info with cops
In Otter news, transcription app accused of illegally recording users’ voices
DARPA’s Cylon raider autonomous fighter jet advances to next phase
Australia’s attempt to join the space race lasts just 14 seconds
Thursday 31st July 2025 05:56 GMT
Re: ...contrasts strongly with India’s space program,
Rocket Lab is a US company now but the founder (Peter Beck) is from New Zealand. From their web site:
"Headquartered in Long Beach, California, Rocket Lab operates facilities including advanced manufacturing and mission operations centers in Virginia, New Mexico, Colorado, Maryland, Toronto and New Zealand."
Oracle VirtualBox licensing tweak lies in wait for the unwary
FreeBSD 15 installer to offer minimal KDE desktop
Sunday 27th July 2025 02:18 GMT 
I think I'll give that a try
With many more new users joining the fray, Linux is becoming too mainstream ... and too easy. Everything just works now. Where's the pain, the challenge? Only through suffering do we reach enlightenment.
But I still need my system to be workable as a desktop; a curio system that 'sits on the shelf' brings no satisfaction in the same way that a 'kit car' that isn't roadworthy is a waste of effort.
FreeBSD with KDE Plasma might now become the 'happy place' where I can suffer just enough and still have something to show for it.
Arch Linux users told to purge Firefox forks after AUR malware scare
Google's Android boss suggests ChromeOS could be on borrowed time
Thursday 17th July 2025 00:37 GMT
Useful? I hope so.
This could be a useful development because, in my mind, it brings us closer to being able to virtualise stock Android, and run it on a Linux host OS. But maybe I'm dreaming.
I want to see to see stock Android (able pass the SafetyNet attestation and be seen as legitimate by e.g. banks) running in a VM, fully supported, so I can run apps in a more protected and private environment, probably across multiple VM instances. (GrapheneOS is great, but not always supported by institutions I deal with). If this ran on a Linux smartphone, great, but I'd settle for a notebook even if it has to be ARM hardware.
It's becoming increasingly important (to me, anyway) as Android's voracious appetite for personal information shows no sign of diminishing. My Android 15 handset sucks up data like it's going out of fashion, even more than I'd expected, and I hadn't expected any privacy at all, really. (I only use Android for 'personal admin' tasks where my real-life identity is required anyway, tracking might actually be beneficial and an official app makes it ultra-convenient. It's set up to be an isolated ecosystem - accounts, e-mails, contacts, phone etc. - and not used for anything else, so data leakage back to Google matters less ... though I'd still prefer it not happen at all).
For everything else there's proper Linux, configured to be as private as I can manage. And they can have my Linux when they pry it from my cold, dead hands.
Firefox is fine. The people running it are not
Three ways to run Windows apps on a Linux box
Friday 30th May 2025 06:31 GMT
Maybe we should talk over wine?
@Liam: thanks for an interesting article. Please keep them coming.
Having tried all of the methods Liam mentioned, I recommend them in a different order: Virtualisation > dual-booting > WINE/bottles. That's probably because I place one consideration above others - one that Liam doesn't mention - that being process and data separation for reasons of privacy and security.
I have particularly low trust in Windows privacy and similarly for any Windows applications. I know I'm preaching to the converted here, but many vendors in the Windows ecosystem benefit from data harvesting, including Microsoft. If this were ever the case for Linux, I'd probably shoot myself, because that would be the 'end of the world' as far as I'm concerned. Despite some improvements in Windows security, and assuming well-configured machines, the combined criticality of Windows exploits still outstrips those in Linux by a considerable margin, IMHO.
Thus, to run a Windows application in the rare cases where I can't use a Linux equivalent - assuming it's not work, for which I use a dedicated laptop - I prefer Virtualisation in order to guarantee application compatibility and keep Windows neatly coralled where I want it, only permitted to touch hardware or data where I deem it acceptable. Dual-booting means that hardware is still at the mercy of Windows along with any privacy or security exploits for which Windows is a conduit. Plus, there can be issues where Windows decides, for example, to over-write the Linux bootloader or mount your Linux partitions after an update, as recently happened to acquaintances of mine.
Then there's convenience: switching rapidly between Windows and Linux, and easily transferring data (but under my watchful eye), is a boon for the time-poor. As for cost, I don't mind the higher-specced machine - I'd do that anyway and the price differential is pretty small, actually, all things considered, assuming you were aiming for a machine with decent performance in the first place. The hardware demands aren't that bad: I'm currently typing this within a KVM VM on a 15 year-old (Jan 2010), self-built quad-core with a total of 8GB RAM and only modest graphics. I also run several Windows VMs but only one VM at a time. It doesn't require additional patience.
I, too, used to be a Virtualbox user until mid-last year when I switched to qemu/KVM. I find KVM more reliable overall and slightly faster. And the Virtualbox version in some distro repos is out-of-date.
For a user who simply wants to get Linux to work - having come from Windows-only - then I suppose dual-booting would be a good place to start. That's where I started, many years ago.
Aussie rocket foiled by premature fairing pop
LastOS slaps neon paint on Linux Mint and dares you to run Photoshop
Tuesday 20th May 2025 07:41 GMT
Linux Format
"Since we mentioned the UK's Linux Format magazine, sadly, it looks like issue 329 is the last one"
Yes, sadly, Linux Format is gone, rather abruptly. It won't be continuing in digital-only format, either, as announced via the Pocketmags digital publishing site a while back. Back issues are available until April 2026 via Pocketmags and you can print your favourite articles until then, with a limit of 8 pages at a time.
Mars may have vast underground oceans and enough H2O to make it a water world
Tuesday 13th May 2025 11:50 GMT
Hardware? No Problem!
" ... and absence of local hardware stores."
Just drop even a slight hint that a competing hardware store might be in the area and Bunnings will build a mega warehouse quick as a flash: https://www.abc.net.au/news/2025-05-13/bunnings-warehouse-competitors-suppliers-four-corners/105281266
Problem sorted.
Google slips built-in terminal, Debian Linux VM into Android 15 March feature drop
Thursday 13th March 2025 13:07 GMT
I'd much rather ...
... have this the other way round. I'd like a Linux-driven (but not ChromeOS!) handheld with an Android session option (virtualised on some suitable hypervisor would be fine). I want Linux to be in control of the hardware/system and to give Android only the minimum it requires to run each Android app that I need. I suppose it would be a bit like GrapheneOS in applying control over the Android side, but with Linux as the underlying host OS.
More Voyager instruments shut down to eke out power supplies
Japan's wooden satellite exits International Space Station
Hardware barn denies that .004 seconds of facial recognition violated privacy
Australia tells tots: No TikTok till you're 16... or X, Instagram and Facebook
Monday 11th November 2024 17:01 GMT
Re: Safe environment matters
Not to make light of childhood trauma but no matter what technology is adopted, and no matter what legislation is enacted, there will always be cases of abuse and harm, as regrettable as they are. I don't support widespread child access to social media. We agree on that. It's the 'how' (where the filter/block is implemented) and 'who' (the decision maker) where we disagree. I also have strong opinions on the potential for scope creep of 'age verification' (ID) technology and its ultimate application to consenting adults that I believe is inevitable if people don't push back.
Monday 11th November 2024 16:57 GMT
Re: Hmmmmm
"... but Google, Apple, and social media networks won't do anything they're not legally obliged to ...".
Precisely. Filtering/site blocking at device level (in concert with DNS) and 'safe search', which already exists (so requires no more cooperation), gets around platform or site intransigence. I don't mind legislation to put the 'one click' simplicity of choice in the parents' hands and would rather the age 'verification' be performed by the parent at the point of exercising that choice.
Regardless of what major platforms like TikTok or Facebook do (or don't do), there will be hundreds of thousands (and then some) of unsavoury sites not fit for children that no legislation centering on 'age verification' will ever address. But filtering/site blocking can and does do this and can be kept accurate up-to-the-minute. I've set up and run such systems myself. Don't expect perfection, but it's better, IMO, than relying on a handful of platforms to 'verify age' ... and thusly mandate and make commonplace the most invasive ID technology yet created ... and aimed at children, too!
Monday 11th November 2024 15:09 GMT
Hmmmmm
Sorry for the long-winded rant ...
I'm no fan of social media. There are good and bad aspects to each service but on balance I could do without the lot of them and I avoid them if possible. Having said that, I am a firm advocate of informed free choice. My choice is not your choice. Also, not every adolescent matures at the same rate and parental wishes should be respected, IMO.
I would much prefer a solution along the lines of provisioning each child's device in 'kid mode'. You know the drill: locked admin/owner acount, child (user) blocked from installing new apps or changing DNS settings, no VPNs permitted, mandatory content filtering and site blocking (e.g. via 'safe' DNS), safe search, etc. That could be made even better if filtering, search and site blocking were linked to the age bracket of the child (user). For shared devices (home or school computer, if anyone is still using those), the humble user account ought to be able to achieve the same (since it has for many years now). Nothing is 100% perfect, but at least that puts the power in the parents' hands, leveraging existing technology that could be made almost 'one click' simple with a few tweaks - and that's where I think Governments should really be exerting pressure - to make that 'kid mode' as simple and foolproof as possible.
But no. Government is instead mandating IDENTIFICATION AND TRACKING as they do with monotonous regularity. Why do they always choose that path? Hmmmmm.
To me it's simple. Platforms and OS makers cooperate to make 'kid mode' an almost 'one click' simple operation. PARENTS make the decision to activate the mode and select the maturity level or age bracket. PARENTS also provide the parental guidance around why (assisted by, one expects, a helpful brochure from the Government). Safe DNS/safe search should filter out adult-oriented non-platform sites. Site block lists or content filters could even be augmented or provided by Government. This approach allows the adults to be left alone to do what THEY choose free (short of actual criminal violations such as CSAM, drug trade, etc.) from privacy intrusions or, more specifically, free from the threat of being identified and tracked like animals against an ever-shifting idea of what is or isn't 'acceptable'.
As an Aussie, I've been following all this very closely for the last two or so years. Before a social media ban, the rage was against porn (not CSAM, just regular porn) using the argument that adult identification was required to stop underage access. Yes, they really were lobbying hard to IDENTIFY every adult porn watcher. Of course, they claim it would be anonymised age verification .... pull the other one! But the emphasis suddenly switched to social media.
Being the cynical old b*stard that I am - and having worked in Government for many years - my take is that this social media ban (through age verification, i.e. ID and tracking) is a dress rehearsal for a future porn ban (through age verification, i.e. ID and tracking). It started that way and I think it will finish that way. There really are people, in no small number, who believe even consensual adult porn is inherently evil and that its watchers must be identified and tracked as 'criminals in waiting'. Personally, I gave up that kind of thing years ago so it wouldn't affect me ... but ... my choice is not your choice.
Telegram founder and CEO arrested in France
Monday 26th August 2024 22:32 GMT
Re: I keep saying this... maybe some countries are starting to listen.
"The only way to combat the rise of extremism, hate and bile on social media is to make them liable for it.."
I disagree that it's the only way. It's the most convenient and politically palatable way, especially since it passes all costs to the platform (and therefore its users) and simultaneously excuses law enforcement of any real detective work.
As for my own position, I think that, while Governments have a difficult job in rooting out creators of, and active participants in, illegal activity (such as CSAM, the drug trade and extremism), forcing primary responsibility for enforcement onto the platform is a cop out with severe negative consequences (as has been alluded to in this comments page and many others).
The dividing line between sensible law enforcement and political expediency is increasingly blurry and it is adding to the erosion of trust in Government and institutions. Whilst there may be serious illegality on Telegram to be dealt with (innocent until proven guilty one would hope, even though that's not entirely how the French criminal justice system operates), it would nevertheless behoove the French Government to approach this matter with more regard for the optics than they have shown so far.
Google is a monopoly. The fix isn't obvious
Friday 16th August 2024 10:32 GMT
Just another punter's 2 cents' worth
I'd love to see Android divested so that the Android AOSP project could escape and thrive, offering a fuller set of features (rather than functionality being siphoned off into Google Play Services). That would create a more level playing field for competing ROMs (e.g. LineageOS or GrapheneOS) and hopefully promote alternative app stores like F-Droid. I've been getting tired of reading about Google Play Store apps only working with Google Play Services (instead of - as I think they should - also working on Android AOSP) or refusing to work if a strict hardware attestation fails (which is actually a software attestation). That stifles competition through Google's control of dependencies, e.g. the latest casualty is Authy. There ought to simply be an open certification process for ROMs as well as apps.
Chrome, I'm not so fussed with providing the Chromium open-source project is freed from Google's clutches. After that, Google can do what it likes with Chrome. Seeing as Chromium is the foundation for the vast majority of browsers (by user count, that is), and has thus become central to most people's access to essential online services, then running it under a foundation that's funded by multiple companies is the solution that seems obvious to me.
Biden tries to cut through fog of confusion caused by deliberately deceptive customer service tricks
Wednesday 14th August 2024 10:08 GMT
Re: I like how Apple makes it simple
"I like how Apple makes it simple ..."
Unless you don't own an Apple device, in which case it's a nightmare. I subscribed to AppleTV+ through a browser for use on an other-branded set-top-box (fully supported by Apple, with their own streaming app). It was easy and took a couple of minutes to create the corresponding AppleID. You can even subscribe through the set-top-box if you want.
However, there is (still) no unsubscribe option in the set-top-box app and the cancellation button in the AppleTV+ website doesn't work unless you use their approved browser and OS - Linux is forbidden even though that's exactly what I used to sign up, without issue. This is contrary to their online help pages.
It took hours of trying different browser combos and settings to realise that would never work. I then spent over 90 minutes on Apple support chat - being given the run around in very obvious ways - until they finally said, "OK, I can do that". And then it took two minutes.
Apple wants you to buy an Apple device or subscribe through iTunes (not available on Linux in a way that satisfies Apple, by the way). Of course. none of that was explained up front.
Lesson learned: don't subscribe to AppleTV+. Second lesson learned: avoid online products that seek to impose "software facism" (I'm looking at you, Apple, Google and Microsoft).
Biting the hand that feeds IT
