* Posts by Oddb0d

51 publicly visible posts • joined 14 Apr 2012


VPN users menaced by port forwarding blunder


Re: sshuttle for the win!

That's basically what sshuttle does, the clue is in the name ;-) It works like ssh port forwarding but without the need to set up the forwarding rules in advance.

Edit: Swarthy wins.

Two more Eagles land in AMD's bird-of-prey aerie


Re: Aerie???

It's a variant spelling of the same word, so yes, but also no.

SPB's mountaintop HQ menaced by wolves


Re: I live a sheltered life....

I thought the exact same thing as wolf attacks near SPB Software's development HQ are not new, as this story from 1911 attests.

Blighty goes retro with 12-sided pound coin


It's Grand Theft Auto 5 day: Any of you kids remember GTA the First?


The Guardian apparently had the same idea: http://www.theguardian.com/technology/video/2013/sep/15/making-grand-theft-auto-video

Extra train-spotter points for anybody who recognises a former Zzap! staffer (I certainly had no idea he was involved in GTA).

"Apparently, it was originally developed on the Amiga, but as the Amiga market died, they moved to the PC."

I doubt it. Firstly, most game developers were already moving away from the Amiga before Commodore went bust; those that could afford to had already jumped to the PlayStation, N64 & Saturn. Secondly, it isn't mentioned in the design brief (http://dl.dropboxusercontent.com/u/92277/RaceNChase.pdf), which does include mention of the never finished (started?) N64 & Saturn versions.

OK, forget the 3D telly fiasco: 4K is gonna blow you away - say tech giants


...Philips with its 65PFL9708 65-incher LED TV featuring a 900MHz motion rate...

Wow talk about well ahead of the competition.

Mind-reading MRI reads letters in the brain


Re: I have published a similar study for detection of nuclear weapons

Anyone wanna pay 40$ so I can see the original paper?

Somebody already did https://www.dropbox.com/s/x2z14gw8017ezbg/for%20reddit.pdf

Touch screens and greasy mitts: All you need is glove


6 degrees of perspiration?

The rest, however, are as glossy as the hairless pate of my old school’s headmaster, Mr Ernest Shiney-McSlaphead.

Shaun Fenton (one of Alvin Stardust's sons) is the former head of Pate's Grammar School in Cheltenham.

Air-to-ground rocket men flog top-secret mobe-crypto to Brad in accounts


Re: Dual boot == information leakage

I don't think you've quite thought this through.

How exactly do you acquire Sgt Bloggs in the first place? OK, so you've managed that somehow (let's assume he was wearing an "I shot Bin Laden + I am The Stig" t-shirt), what additional benefit is there from being able to possibly track this target some of the time? OK, so you've justified this nonsense somehow, how do you make the link between what are essentially 2 different handsets? Guess? Or assume that the developers were so incompetent that they have allowed a unique identifier to be associated with secure and insecure operating modes?

If you are able, somehow, to get close enough to Sgt Bloggs to compromise his phone, what's the point in planting "tracking data", you already know where he is and can use the same techniques used to locate him in the first place.

Even if you have practical answers to the problems indicated above it is worth keeping in mind that this article is a journalist's impressions of a sales demo, all the stuff about military/spy usage sounds like pure speculation as it's all unsourced.

Telstra shed fried in fire


Re: People hate on Telstra

If Karma exists Telstra's techs will find out one of Sealink's dirty little secrets namely that you can't just roll up to Cape Jervis and buy a ticket, they have to be pre-booked.

Logistics? Monopolies? Yeah we've heard of them...

HYPERSONIC METEOR smashes into Russia, injuring hundreds


Re: Nitpicking...

It's my understanding that a meteoroid describes an object in space, once it enters the atmosphere it is termed a meteor (aka shooting star) and a meteorite describes the object once it lands on earth.

Court says startup swiped IP for high-frequency trading tech


Re: Jail time I hope

You would do well to learn the difference between criminal and civil proceedings. This was a civil dispute between two private parties, unless one of the parties ignores the Judge's orders then a custodial sentence is not an option.

Seagate squeezes out 4TB desktop monster


Re: Can I format it in FAT16?

Under Windows 2000 & later the DosDevices (aka drive letters) are merely references in the registry that point to the actual storage volume which could be an mbr partition, gpt partition or unpartitioned media like a USB stick or optical disc i.e. they are only shortcuts & are completely arbitrary as far as the OS is concerned.

Drive letters are only for backwards compatibility so the limit remains as it has since the DOS age (maybe since CP/M & QDOS):- 26 letters less the one used for the system drive.

Maximum partitions per drive would be a much more interesting question, I've found someone who has managed to create 350 partitions on a single drive inside a virtual machine but the actual maximum eludes me as this may be a limit of the diskpart command.

Hackers squeeze through DVR hole, break into CCTV cameras


Re: That's my problem with UPnP port forwarding

You could even have made it more stupid-user friendly by having dedicated firewalls and devices have a button (like the WiFi pairing button) that could allow for this to be done automatically: Press the gizmo's button, press the firewall's button at the same time, done.

WiFi Protected Setup probably isn't the best example as many implementations have a nasty PIN flaw that is easily exploited, further reading: http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf

ACCC spikes gadget price-fix


"Even the request seems odd to The Register."

Really? Could it be that this article was based solely on the press release rather than the actual Draft Determination? [http://www.accc.gov.au/content/index.phtml/itemId/1080397/display/acccDecision] NARTA's reasoning is (rightly or wrongly) stated clearly along with why the ACCC does not accept it i.e. there is unlikely to be any net benefit to the public from allowing MAP.

Many other articles on this subject have been written the same way i.e. press release regurgitation, but they are all a week old! What exactly is El Reg's excuse?

NBN contracts reveal the state of Telstra’s ducts


What IS direct buried cable?

I am not quite sure what you mean by "direct buried cable".

As a rule of thumb Telstra is responsible for maintenance up to the network boundary which on the average free-standing house ends either at the grey Madison box on the outside wall or the nearest socket inside the premises.

Faster-than-disk 1TB USB on sale soon... but if you lose it, you've lost £2k+


Where did you get those prices?

Just out of interest I clicked through to see how much Kingston's own webshop charges for the 512GB Predator, surprisingly it lists at US$1337... YA RLY. BTW the picture of said drive is quite deceptive as they're physically quite large and will not fit in some USB ports.

Kim Dotcom flashes his rack


"Would you trust your data to a company run/owned by someone with his track record?"

Definitely not, but that's because I do know his track record, including but not limited to his hacking/carding arrest in '94, the letsbuyit.com insider trading scam and subsequent collapse, the accusations of attrition.org supporting a Pakistani terror cell, the YIHAT era (aka Kim finds Bin Laden's loot), his deportation from Thailand, the Kimvestor AG loan scam including his embezzlement conviction, his world HQ being a Hong Kong virtual office, the claims of hacking Citibank & giving $20m to Greenpeace etc..etc..etc..

Unfortunately a lot of people (apparently including some Reg hacks) don't know about this stuff and think of Kimble as a stand up guy sticking it to the US authorities.

Seagate slips out super-silent 2.5in video hard drive



> To me this is just marketing BS.

Since it's probably just an existing model with tweaked firmware, I have to agree on this point.

> What's the use of a 2.5" for a non mobile device.

Lower power consumption, lower operating noise, greater storage density (2.5" drives @7mm height fit in 1/6 of the space of a single 3.5") and increased flexibility in chassis layout due to a smaller physical size, those are all pretty good reasons.

>Who needs 12 simultaneous video streams at home and do you really believe it will be stutter free sharing 100MB/sec ?

The manufacturer doesn't explain what that figure means or how it's derived but if you consider the typical data rate for a Bluray movie is around 36Mbps then 12 simultaneous streams should be no problem. The necessity for multiple stream recording comes from the market for CCTV DVRs which now typically record 16 channels of 720p video simultaneously.

New Tosh drive can wipe out 4TB 'near instantaneously'


Possible? Yes. Practical? Not yet, maybe never.

Yes I believe so but there's a big catch, the researchers who claim to have done it knew exactly what data they were looking for in advance! To the best of my knowledge nobody has ever successfully performed recovery of unknown data from an overwritten hard disk. For more on the topic see "Overwriting Hard Drive Data: The Great Wiping Controversy" by Craig Wright, Dave Kleiman & Shyaam Sundhar.

The hardcore method of forensic recovery (beyond part swapping) from a failing/failed/overwritten disk is still expensive and time consuming even for large orgs, for further reading see the book "Spin-stand Microscopy of Hard Disk Data" by Isaak Mayergoyz and Chun Tse.

Put it this way, the Centre for Magnetic Recording Research at UC San Diego have been unable to recover anything from overwritten hard disks that employ PRML (i.e. all modern hard disks), this is important because this was the institution that requested T13 & T10 add the sanitize commands to the ATA & SCSI standards.


Re: Backdoor?

An important point that you've ignored is that those same agencies need storage media just as much as anybody else, at some point they also need to dispose of that media. As a point of fact the NSA was, up until 2008, a sponsor of the research to implement fast secure drive erasure in the first place.

Lacking any evidence to support your bizarre hypothesis, try this simple question putting yourself in the place of the NSA. Is it practical to procure backdoor-free storage without having someone audit the firmware of every drive manufactured?


The truth is that comparatively few people know what the sanitize/secure erase commands really do. The ATA spec only defines the commands, implementation is left to manufacturers.

The key overwrite idea is simple, logical and probably correct, but only Toshiba knows for sure.

Russian ransomware strikes Queensland doctor


Re: Offsite backups!

Source article clearly states: "The server with encrypted information is being held offline and an IT contractor is working with the practice to restore a backup of patient records."

New York invites designers to invent Future of Phone Booths


@Steven Roper: Several emergency numbers were considered for Australia, 000 was chosen for multiple reasons. The first being that it's hard to dial by accident (same reason as 999) and the second was that in far flung regional areas that had very basic automatic exchanges, 0 was the auto trunk access number so dialling it 3 times in a row would at the very least get you a Central Office operator. 111 was no good as phone and exchange equipment was all mechanical, a poorly lubricated phone dial or faulty exchange relay could lead to accidentally dialling emergency whenever you dialled any number beginning with 3 or higher, this is because the slow travel of the dial would cause the exchange to recognise the make-breaks as individual digits i.e. 3 ones instead of 1 three. New Zealand is slightly odd in that they chose 111 for the reasons above, the difference being that their dials are numbered 1-9 instead of 9-1.

Court ruling means Kim Dotcom can sue NZ spooks


Re: Thanks for clearing up the badge thing.

Probably for a lack of irony considering Dotcom has previously gone by various stupid names including the classics Kim Tim Jim Vestor and Royal Highness Kimble the First.

Long-distance robot makes landfall in Oz


Re: Papa ooh mau mau


Malware made which can share a smartcard over the internet


This sounds familiar...

Isn't this the same type of attack used by Sykipot?


Plastic screen outfit teams with Epson to offer screen on your plastic


Re: And I'd love to see...

@A J Stiles: The Lexar Jumpdrive Mercury, which includes an e-ink based capacity gauge, was introduced at CES 2006. Calculating free space within a filesystem is a complicated matter but the overall drive usage is trivial given that the flash controller already maintains an allocation table used for garbage collection, the number of unallocated pages is a "good enough" indicator of free space.

@Stoneshop: That would just add complexity, besides, all the host sees with a modern drive is a big block device, only the controller/firmware really knows what the capacity, usage and other layout details of a drive really are.

BTW In the case of hard drives I think it's a rather odd idea, either the drive is connected to a host which lets you see the free space or it's not currently in use in which case its capacity is surely more important than its free space.



Re: Check this out ...

That's entirely the problem, electrolysis requires electricity. From paragraph 4 of your link, "To break the molecule down, a voltage of 0.37V needs to be applied across the cell - much less than the 1.23V needed to split water." In the photos, where is the electricity source that is supplying the electrolytic cell?

Although possibly true an equally likely explanation is that this contraption is exactly what it appears to be, a car battery connected to an inverter with a light bulb on the end. The green tank (which looks like an old refrigerant bottle), water filters, "one-way valves" (which look like in-line fuel filters from a car) and in fact the generator itself appear to be just decorations.

Amazon's Bezos confirms content pays for Kindle


The author is implying that there is vendor lock-in with both companies because Kindle users generally buy books from Amazon & iBooks users from Apple's iBookstore, however this is only true as far as people are lazy and/or ignorant as noted by the author in the next paragraph.

One of Amazon's ebook formats (AZW) is the common MOBI file format but is normally protected with their proprietary DRM scheme. The other Kindle format (Topaz or TPZ) is unique to Amazon and uses a different encoding scheme but the same DRM as AZW. However all Kindles can display unprotected MOBI files that can be purchased from ebook stores other than Amazon.

Apple does the same thing with the iBookstore i.e. they use a common ebook format (in this case ePub) and apply their FairPlay DRM to it. As with the Kindle, iBooks can read the unprotected base format which allows access to titles from other bookstores.

Microsoft: Pirates at high risk of malware infection


Re: So - read the licence.

The stats being discussed were clearly taken from installs of MS Security Essentials (and possibly Forefront) which requires user permission to report detections back to MS, it is clearly stated when you install the program and is easily turned off with a single checkbox.

I fail to see anything unethical here.

British Library tracks rise and fall of file formats


Re: Apple Quicktake

There is apparently enough info on the web to deal with that format, try here


or try Image Converter by Bitten Apps, the current changelog specifically states "Fixed a bug where the application would refuse to open QuickTake PICT files."


4K vs OLED: and the winner is...


Surely the k in 4k should be lower case or will these sets only operate correctly at temps approaching absolute zero?

Personally I don't believe either tech presents a compelling pitch to consumers, 4k res and higher will inevitably trickle down from digital theatre projectors to satisfy people who want enormous screens. OLED seems to have suffered from the problem of too many promises with not enough product, I wouldn't be surprised if yet another new display technology displaces it before manufacturers can sell screens at a profit, especially at larger sizes.

'Your app will work on Windows 8 - but please rewrite it anyway'


Re: need to avoid daft decisions

Umm guys the example was extremely specific and intended to demonstrate functionality that was removed from the Windows search interface i.e. the ability to target searches WITHOUT resorting to the command line or AQS voodoo. It is ridiculous that a query that could easily be done from XP's GUI now requires an incantation more complex than the average shell command.

@Dave 15: It can be done from the search box but requires the use of Advanced Query Syntax, something like this:

fred AND System.ItemFolderNameDisplay:C:"\this\strange\directory" AND type:.sam

Utter insanity...

Brains behind Kazaa and Morpheus unleash patent storm


Scorpions in my vagina?!?

Actually it would fit the modus operandi of these colourful characters almost perfectly. Kevin Bermeister already tried suing the RIAA using one of the same patents back in '04...


...and when that didn't pan out, Altnet went after Streamcast...


...now they're BFFs, this must be a textbook definition of patently absurd.

Smartmobe Wi-Fi blabs FAR TOO MUCH about us, warn experts


SSID broadcasts (aka beacon frames) are not relevant to what is described in the article.

WiFi adaptors periodically send probe requests in an attempt to connect to the closest "friendly" network, which is to say one that the device has previously been connected to. The trick here is that the researchers set up multiple access points that listened for these probes and then recorded the MAC address (this is a guess on my part but it's the most obvious method of tracking a single device). As the device is moved from one place to another they simply follow the trail of probe requests that contain the same MAC address and voila, you can track a device's, and by extension a person's, movement in a completely passive way.

GNOME hacker: Culture isn't holding desktop Linux back


Re: Nope...

"because Microsoft doesn't like you to do that" sounds like a conspiracy theory to me, especially as the truth is much more mundane. Windows Defender & MS Security Essentials (so not just Win8 then) remove HOSTS entries for doubleclick, twitter & facebook (probably others as well) on the basis that these are commonly targeted by malware for browser hijacking. This mechanism has been in place since 2008 and is also built-in to security products from Kaspersky & McAfee.

Sony opens cover on latest e-Reader


Re: Yep - that's Sony

Sorry Philip but A.C. is quite correct, the reason you need SonicStage is because of the DRM system (OpenMG) and proprietary audio coding (ATRAC). Early Sony players can't decode MP3s (despite what the marketing claimed) they only support ATRAC audio with SonicStage "helpfully" transcoding before upload to the device.

Why? Because SonicStage pre-dates flash based music players, it was previously used in conjunction with Sony's MiniDisc devices.

Australian government gouged on PC software prices


Fair but cut the author a little slack

The acronym is expanded below the article, where the tags are. Besides it's an easy thing to overlook when you're writing with length & deadline in mind.

WD's 2TB Green giant can't jam hardness into standard slot


"It looks as if the 2TB Scorpio Blue has effectively become the 2TB Green drive."

If you open up a 2TB My Passport Studio you will find a Scorpio Blue with a model number WD20NPVT, the exact same model number as the "Green" pictured in the article. This shouldn't have been hard to work out as the 1TB My Passport Studio used a 12.7mm drive which also wouldn't fit in a normal laptop drive bay.

Cheap laser could help save expensive aircraft


Re: correct me if I'm wrong

You're quite correct, the caption from another version of this story is "Artist's impression of the laser-based sensor augmenting a Pitot tube. Credit: Sven Wittig".

Carbonite disputes ASA censure of cloud storage ads


Re: Double standards at the ASA?

Double standards my arse, this story hinges on the fact that someone actually complained, not just thought about it or griped about it on some random website. If you're really pissed off take some action. The amount of effort required to make a complaint is about the same as posting a comment here.

Several ISPs in here have been sanctioned for trying to pull the "unlimited" trick and it certainly wasn't because the Ad Standards Bureau reads El Reg's comments. A recent example:


EA sues Zynga over ripping off Sims Social


I'm pretty sure that honour goes to the plethora of Pong clones however Giana draws a better parallel with this story due to Nintendo's legal action at the time of release.

R.I.P. Armin Gessert

Expert: BA doesn't need permission to google your face


I'm not sure that pointing the finger primarily at BA is warranted as they've probably been sold this idea by Google, a company who only last year told Time.com

“In fact, we are NOT ‘introducing a mobile application’ (as the CNN piece claims) and as we’ve said for over a year, we would NOT add face recognition to any app like Goggles unless there was a strong privacy model in place. A number of items ‘reported’ in the story, such as a potential app connecting phone numbers, email addresses and other information with a person’s face, are purely speculative and are inventions of the reporter."

Source: http://techland.time.com/2011/03/31/googles-facial-recognition-app-take-my-photo-get-my-contact-info/

Multi-platform exploit sniffs your OS, penetrates your back door


User-Agent? I don't follow.

As others have mentioned I'm not sure this can really be called an exploit. I'll suggest "blended threat" as a possible alternative or maybe "bell-ended threat", since only a dickhead would fall for this lame trick.

Apple cops $AU2.5m fine for misleading consumers



Well it would be, assuming Australia's current per capita GDP and if the population of Australia was 40 people :-)

Why not compare apples revenue with Apple's fine to see which is better for Australia?

- Export value of AU apples to USA = $0

- Fines levied against fruit themed US businesses for deceptive ads = $2.5m

Kiwi telcos hungry for consolidation



"Telstra has a potential war chest of AUD$22 billion based on forecast NBN compensation."

Where did this figure originate from? I can't find a reference to it anywhere, $11bn seems to be what's being bandied about.

Al Gore pumps $12m into cheapo TLC flash upstart


How long do you want it to last? The expected lifespan and speed of a flash drive is primarily determined by the controller & level of over provisioning as explained in an earlier article:


Essentially it boils down to price/performance/lifespan, pick two.

Kim Dotcom resists password grab


Re: Privacy?

Yeah you're right it's clearly a typo. But, on the other hand, the indictment accuses MU staff of searching people's uploads to locate material that was later added to megaporn & megavideo. It seems unlikely that they bothered telling their customers before doing this so privacy violation is a possibility.


Valve seeks geek to design 'platform hardware'


Re: What OS will run on it ?

A reasonable guess except Valve's also looking for a Mechanical Engineer and a Firmware Engineer, that suggests something more interesting is in the pipeline. Who knows maybe they'll include a Grav Gun with HL3 pre-orders?