* Posts by Halcin

80 publicly visible posts • joined 15 Nov 2011


Payment-card-skimming Magecart strikes again: Zero out of five for infecting e-retail sites


Begs the question why do companies think it's necessary to use third party scripts that have no direct relevance to collecting CC details?

It's a cert: Hundreds of big sites still unprepared for starring role in that Chrome 70's show


"My guess for why organisations haven't replaced these certificates at this late stage only comes back to them not knowing the change is coming"

Don't Know or Don't Care?

Biz! Formerly! Known! As! Yahoo! Settles! Data! Breach! Cases! To! The! Tune! Of! $47m!



Wait for the next breach, that contains EU citizen data, then you'll see a slapping worth hundreds of millions if GDPR regs are fully enforced!


I ain't holding my breath.

Fire chief says Verizon throttled department's data in the middle of massive Cali wildfires


Free Market Capitalism

As the US is the champion of Free Market Capitalism why don't the Fire Fighters exercise their freedom to choose... Oh.

What happens to your online accounts when you die?


Huh?? (Off Topic)

Has someone gone through and systematically down-voted every comment?

Mind behind 16.7m nuisance call menace cops six-year boss ban


Re: Now he can't run a UK biz

But he can get someone else to front one for him

Maybe, but:

The marketing menace was banned in July from directly or indirectly being involved, without the permission of the court, in the promotion, formation or management of a company for six years

Hopefully this means his name can't be on any paper work. Like a letter or a wage slip. So the named person doing his bidding would have to be someone he can totally trust.

Salesforce cloud glitch blurted customer data at unauthorised users


Well, duh

We have no evidence of malicious behavior associated with this issue

Of course not. Why on earth would any Crim' make it easy for you to track their criminal activities? I'm pretty sure they do not want to get caught.

Click this link and you can get The Register banned in China


Re: Just to be helpful:

A stuffed, furry bear with a red tank top and no pants.

Or trousers ;)

SMS 2FA gave us sweet FA security, says Reddit: Hackers stole database backup of user account info, posts, messages



"We learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept,"

They're just learning this??

Some companies are still blind to this issue. My bank has confirmed that Visa is implementing an "industry-wide switch" to SMS 2FA. They believe it "has proven more effective in preventing fraud attempts than the current system." Namely Verified by Visa.

So are they painting a big target onto all Visa customers?

How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign



Preaching to the choir.

It's not until stories like this make it to the front page of "mainstream" media, will anything happen. And considering we're 10 years and counting - I ain't holding my breath.

Engineers, coders – it's down to you to prevent AI being weaponised


How Many?

3100 signed the letter, but out of how many? How many others are willing/coerced into cooperating?

I seriously doubt people in countries like $Country* will be signing up anytime soon.

*I have a horrible feeling the list is too long to list.

Either my name, my password or my soul is invalid – but which?


DNA to replace passwords? Has no one seen Gattaca?

I was also going to say that replicating DNA is "easy" for those that know how. But even easier would be to say "bleed on this will you?"

TalkTalk shrugs off moaning customers to claim 80,000 more


Re: Penny Pinching Brits

But you're forgetting the constant drip feed propaganda: "Sharing is Caring", "Privacy is a Crime" & "The Innocent Have Nothing to Hide"

Web regulation could push Silicon Valley startups away from UK, Parliament warned


Read the T&Cs etc. To paraphrase: the website owner has the right to do what they want, when they want, how they want. They are the prosecution, judge, jury and executioner.

You have no right to know you've been accused, no right to know who has accused you, no right to know the details of the accusation, no right to defend yourself. And if convicted, no right to appeal. The only thing you are allowed to know, after the judgement, is that you've been found guilty.

What little I know of the laws in Germany, they seem to have further entrenched this attitude as the "best" solution. Granting unaccountable, private companies even more power over our lives.

This is not acceptable. And as the online world is becoming less optional every day, it is not something we can frivolously disregard. And yet, the prospect of allowing politicians and "civil" servants in on the act, doesn't exactly fill me with joy.

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey


Re: Is it important?

Yes! This is yet another example of the reprehensible behavior of marketing skum. It is not acceptable to confuse, bamboozle, trick people into buying one thing by insinuating it's another.

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help



Are peeps gullible enough to believe one fake news? Prolly not. But then this misses the points. The hard part to understand is plurality. It's not just one story that convinces people.

Make a lie simple, and repeat it enough times and peeps will begin to believe - there's no smoke without fire.

Then there's confirmation bias. Peeps are more inclined to believe stories about $the_opposition.

Echo Chamber. Peeps only pay attention to anything that supports their view. And will ignore those that challenge their world view.

It's the constant drip, drip, drip: Oh look he/she/they are at "it" again. And there's fatigue, peeps simply get tired of banging their heads against a seemingly unbreakable wall.

Mastercard goes TITSUP in US, UK: There are some things money can't buy – like uptime


Re: Backups and redundancy, FFS

Stop blaming the customer for the failings of the systems/software. It's not down to users to fix the issue, it's down to the providers/developers/management.

If you want customers (your paymasters) to continue using your solution (and paying your wage) then you fix the problems your solution creates.

Fitness app Polar even better at revealing secrets than Strava


Is it because "Talking Heads" constantly use "The Innocent Have Nothing to Hide"™ to guilt people?

Or are App developers, by making privacy so difficult, taking advantage of peeps' laziness so they (the developers) can profit from the data? "Sharing is Caring!!!*"™

*Three exclamation marks to indicate the (forced) manic happiness needed when expressing this statement.

Banks told: Look, your systems WILL fail. What is your backup plan?


Wrong Question!!

Asking "What is your back up plan?" is the wrong question!! The correct question is "How quickly can you repair, recover, restore*?"

Back up is not the solution, Back up is one method to provide the solution.

*Repair damaged hardware, Recover lost data, Restore functionality

No more slurping of kids' nationalities, Brit schools told


Re: Fair enough, but as a matter of balance

"nationalities" != language spoken

Place of Birth != language spoken

My Mother was born in Burma and yet she is English (with an English birth certificate) and her first language is English. I was born in England and have an English birth certificate, but my first language is Cantonese. (Complicated family)

If you need info on languages spoken then ask about languages spoken. It is clear that the collection of this info has ef-all to do with helping the schools or children. And your suggestion is disingenuous at best.

Infamous 'Dancing Baby' copyright battle settled just before YouTube tot becomes a teen


Perhaps I'm being dense, but given the ambiguous nature of the Ninth Circuit ruling, what was Universal appealing?

And why did the Supreme Court refuse to hear that appeal? Was the ambiguity not enough to justify their time?

I can kinda get my head around a higher court refusing to accept a case (not sure about this one though). But bouncing it back down, feels like a teacher telling a student "Not good enough, try again".

While it's standard practice to take pot-shots at lawyers, let's not forget their paymasters. If lawyers started to abandon idiot paymasters who failed to heed sensible advice, we'd all be in trouble.

This is one of the very few times I am left bamboozled by the judgement of the judges.

Want to know what all that Fortnite hype is about? Whoa, Android fans – mind how you go


Re: Not going to mention?

What's this obsession with creating the website equivalent of a "Janet & John" book?

https://www.android.com/play-protect is one example, others are available.

Lots of white space, a few meaningless graphics inter-spaced with vacuous sound-bite PR text.

nbn™ CEO didn't mean to offend gamers, just brand them unwelcome bandwidth-hogs


Morrow had said as much during Monday's committee hearing, adding: “No-one designs a network to where everybody uses it at the same exact time”.

When the $%£@ does he think users would be using the network?? Does he even know what happens to his very own employees? The majority get out of bed at the same time, go to work at the same time, go home at the same time, and go to bed at the same time (approximately).

So evening is the only time the proletariat have for using his precious network. Or does he honestly think plebs should be required to get out of bed at all hours of the night to better manage network usage for him?

A competent CEO would insist on a network to be designed to cope with real-world requirements.

Look how modern we are! UK network Three to kill off 3G-only phones


Re: Allocated spectrum

IMHO none of the mobile operators should be allocated their own frequency blocks. Surely that's ridiculously short sighted

Yes, in a way it is "short sighted". But you also know the alternative: a monopoly. And monopolies are crap. It doesn't matter if it's a state owned monopoly (Network Rail) or a private monopoly (OpenReach). Monopolies are bad - end of.

Hacking train Wi-Fi may expose passenger data and control systems


Luxury! I would have given my right arm to enjoy riding in something like that. We have to get out and push!

Virtue singing – Spotify to pull hateful songs and artists

Big Brother

Spotify says it’s willing to deal with such debates, has teamed with advocacy groups to develop its policy

I would like to think that all advocacy groups are started for the right reasons - to tackle issues that need tackling.

However, they (the advocacy groups) need to turn everything up to eleventy-stupid just to be heard. But they never say "our work is done" or "we have achieved parity". The second any organisation is created, self-perpetuation becomes top priority.

They are run by a self-appointed minority. They are not accountable to anyone, not even to people/groups/interests they claim to represent. Dismissively suggesting I join such advocacy groups is not the answer. There are so many claiming to speak on my behalf, there simply aren't enough hours in the day.

Courting disaster: Watchdog slams UK justice digitisation plans


Re: Meh! What's new?

Ministers and civil servants will never learn because there is no incentive to do so. All those receiving taxpayers money are immune to the consequences of their actions.

Waymo robo-taxis to accept fares in Arizona in 2018


Any bets as to how long before it's made a crime for a pedestrian to step in front of an auto-car?

ServiceNow goes for more Now, a bit less Service


Off Topic

OMG!! Since removing flashplayer, this is the first El Reg Article to include a video I can actually see and play!! (Normally I just see a conspicuous blank gap where, I assume, the video would be.)

Password re-use is dangerous, right? So what about stopping it with password-sharing?


What £$%^ arrogant!

To reduce the prevalence of password re-use, reduce the NEED for sodding passwords. Stop bullying users and start bullying the websites that demand users create an account for every inconsequential function.

Users are not an unlimited resource for you to do with as you please. Users are your paymasters. Stop making life more difficult with ever more convoluted complicated bloatware and start making the technology easier to use. Or is that not glamorous enough for you?

Google will vet political ads to ward off Phantom Menace of fake news


Re: Didn't that just violate the election laws across the world?

So, if I want to put a political ad for a UK election I have to be a USA citizen? Really?

Didn't you know? The World IS the US. See icon for anyone t'other side of the border. Now bend over - it's for your own good.

It's World (Terrible) Password (Advice) Day!


Re: What about paper?

@Charles 9

I suspect you have been watching too many Hollywood films.

I'm talking about treating a bit of paper (with your password on) with the same care you would give £$1,000. Would you leave £$1,000 laying around for anyone to pick up? Are you that careless with your money?


What about paper?

There was a time when everyone screeched "Don't write it down!" Well, why not? Ok putting up a large sign, for all to read, is clearly silly.

But everyone has spent their entire lives learning how to look after little bits of paper. It's called money. We all have special gadgets, devices and procedures for keeping paper safe. As a society we have been learning how to do so for centuries.

How often do El Reg publish an article about crim's breaking into houses or offices to rummage for bits of (non-currency) paper? How often are people mugged for the passwords in their wallet?

A challenge - here is a copy of my paper based password reminder:

A5dQ1 t6F2P0 e4e2G8

m23ZX 8GjK4 DeW4I

mIiL8 qb4V3 60A1a

Now hack my account! Which account? Exactly.

So where is the evidence to show any/all paper based solutions are terrible? (evidence, not opinion :P ) This has been an issue long enough for there to be evidence, so where is it?

That's no moon... er, that's an asteroid. And it'll be your next and final home, spacefarer


Will our Descendants Feel the Same Way?

Watch a video, film or documentary about people from 50 or a 100 years ago. Do you feel connected? Can you understand how they feel? Do those long dead people have any idea what life is like for you?

Now imagine you are on a spacecraft traveling through the void of space. This little world is all you have known. It's all your parents have ever known. It's all your grand-parents have ever known. And it's been this way for hundreds of years.

You have no interest in what's outside your little world, because, for hundreds of years there has been nothing but void.

How can you maintain an optimistic zeal to explore when faced with that tiny world for your entire life? How can you engender excitement in your belligerent, cantankerous teenage children? And it's not just your life, you'll be fighting generations of history.

Traditions and aspirations change with each generation. And I find it difficult to believe our descendants will know, care or even understand why we sent multi-generational spaceships into the void. And if they do, will they thank us or hate us for condemning/committing them to that life?

Happy having Amazon tiptoe into your house? Why not the car, then? In-trunk delivery – what could go wrong?


Why do companies belligerently insist on trying to deliver at a time they know damn well you will not be at home?

I can get my food shopping (cost £40) delivered at 10pm for as little as 50p, so don't bother telling me it's more expensive for Amazon (other online companies are available) to deliver after the evening rush-hour.

Evening deliveries would mean saving money on fuel - less traffic congestion. And an almost guaranteed first time delivery because someone is at home.

Great Western Railway warns of great Western password reuse: Brits told to reset logins


Sorry, but there is no excuse for alarm bells not ringing when your online servers are being hit with multiple failed login attempts as "script-kiddies" test a list of username/password combos.

Age checks for UK pr0n site visitors on ice as regulator cobbles together some guidance


Re: How is Porn Harmful

Being serious for a moment, I understand one concern is that over-stimulation from teh pr0nz and excessive onanism can cause issues with sexual response IRL.

Correlation is not causation. Did the researchers look for, or exclude alternative explanations? Like, for example, the individual "over-stimulating" so he/she can get the "dirty deed" over and done with asap to minimize the risk of being caught? Er, no. None of the published research I've seen has made any attempt to consider or exclude alternatives.

The people conducting what little research there is started with the assumption that porn is bad and went looking for "evidence" to support their assumption. That's called confirmation bias.

This sounds like PPPs trying to justify their puritanical attitudes with pseudoscience.

Did somebody say Brexit? Cambridge Analytica grilled: Brit MPs' Fake News probe


Re: People are easily manipulated morons...

Now if the public learnt critical thinking

Don't be silly. Our exalted leaders have made sure that the removal of any critical thinking capabilities is the main function of our state funded education system.

Voice assistants are always listening. So why won't they call police if they hear a crime?


What about a spoilt child expressing genuine distress over not being allowed to stay up late?

The Great Bulgarian Streaming Scam may well have been scummy, but Spotify got paid


Re: Did it attract other listeners?

@JeffyPooh, In short: No - not necessary. Please scroll up and read the post by Skwosh for details.

UK.gov's Brexiteers warned not to push for divergence on data protection laws


So, everyone is advocating we comply with EU regulations, but without the ability to affect what said regulations are?

Face, face, face! Apple, TrueDepth and a nose-driven iPhone X game



You must learn to walk before you can run, and you must learn to crawl before you can walk.

This technology is still at the "learning to crawl" stage, so, of course it's "crap".

IBM's chief diversity officer knows too much and must be stopped!


Re: This isn't that unusual in the U.S.

What a surprise. The supposed home of free market ideology, where everyone does everything they can to ensure it doesn't happen.

A tiny Ohio village turned itself into a $3m speed-cam trap. Now it has to pay back the fines


And what's the betting the "civil servants" have "immunity" to the consequences of their actions.

Govt 'comprehensively ignored' advice over NHS data-sharing deal


Re: Guilt

then they'd all be guilty of various crimes

No, because "civil servants" make sure they are immune to the consequences of their actions. So any new legislation will have opt-out clauses.

Eggheads: Cities, don't woo rich Amazon with sweetheart HQ deals


Re: It's the jobs

but if they do not pass a significant amount to their citizens via taxes, it might be worth doing

if And where does the money come from if not via taxes?? There is no magic money tree. The state has only one source of income and that's taxation.

Brit escorts: Without the internet to keep us safe, we'd be totally screwed


Cue the screaming abdabs by the PPPs*

*Prig, Prude, Puritan.

Feds charge Barclays trader with fraud in Hewlett-Packard deal



No one on the other side of the pond is ever charged. Not just Barclay employees, but all the others*. In Europe, there is always some "explanation" for the complete lack of criminal charges.

The criminal behavior of our "elders and betters" just keeps stacking up and yet...

*Like say, staff in other banks, car manufacturers, bod's in charge of football (soccer). Other examples are available.

South Australia bins emergency alert app, contract


Re: Why is this even an app?

1: Websites are so last century.

2: Greater flexibility for function creep.

3: Increased data harvesting options.

Fridge killed my baby? Mag-field radiation from household stuff 'boosts miscarriage risk'



For example, airline crew members get an estimated annual average dose of cosmic ionizing radiation – ionizing radiation from space – that's three times higher (3.07 mSv) than the general public

I have checked various sources and they all say that the natural background radiation for the general public is 3mSv. So how can 3.07mSv be three times higher?