Posts by Doctor Syntax

Re: The next stage

Try telling that to HMG. OTOH the comment about a Bitcoin exchange manager and bat sounds possible.

"someone talking about it attacking the MFT of NTFS - that's a more severe attack than the MBR."

Providing the files themselves aren't corrupted something like photorec reads the sectors, tries to work out what they are and copies the results out to fresh media. Obviously it depends on the extent to which the files are fragmented. If the files are encrypted then it depends on whether they're overwritten. The only experience I had with this was with ransomware that wrote out the encrypts as new files and deleted the old ones which, of course, just marked the files' sectors as free but didn't do anything to the contents. The only problem was sorting out real images from junk heap of odds & sods from the browser cache.

Re: Or half a million Archers

Surely it should be 1,000 Bernies.

What's a depisit?

Re: Doubling up

"I presume the suggestion is that there should be new US legislation allowing them to retrieve things held overseas without bothering to consult with that nation's government/law enforcement."

Given the attitude they've taken I'd have thought they'd want US legislation that makes it quite clear that the US's jurisdiction is limited to the US and that the appropriate treaty arrangements must be used.

Re: They already have a legal route

" Even if there were anything in Irish law to prevent Microsoft's US employees handing that data over if they have access then there's no way to enforce it."

1. Big fines - and even bigger if it gets strung out until next May.

2. Privacy Figleaf completely shrivelled out of existence.

Oh what a tangled web we weave when first we practice to deceive.

"The issue, overall, is fairly complex"

It shouldn't be. There are treaties in place which lay out due processes to be followed which would have enabled the relevant prosecutor to get the information they wanted without trampling on anyone else's sovereignty. For reasons best known only to themselves - arrogance, ignorance or indolence - the US authorities have opted to ignore them. The apparent complexity arises out of that.

"${US Co} contracts with ${NonUS Co} for data center and storage service located physically outside the US ... Where does the US government go for assistance when they find a US-based (alleged) criminal enterprise is using ${US Co}'s service for its email and data processing needs?"

To exactly the same place where they should have gone in this case. To the courts of the country where the servers are operating via the MLAT which exists for this exact purpose.

It's called due process of law. Of course other countries' courts might take a dim view of that well-known US abuse of process, the fishing expedition.

Re: Oracle "Recycle bin"

"So you ask the database to delete something, then you have to ask the database to *really* delete it."

Or maybe really, really delete it. Or even really, really really delete it.

My brief encounter with Oracle simply left me with the feeling that it was thoroughly obfuscated. I'm glad I was able to make my living with saner alternatives.

Re: A member of the University Rock Climbing Club

Amateurs. In my first year at KCL the Tower of London was taken over. Someone had noticed that the guard hut door opened outwards. Smuggle in a long enough length of rope...

Re: "Sack employee without changing passwords he had access to? Root passwords? "

"Still, it does sound a little like blaming the victim though, doesn't it?"

Not really. They were both abusing basic security, albeit in two different ways. If, say, this guy had been more adept at covering his tracks and there was a current employee might easily have come under suspicion. Changing the passwords ought to be routine and is in everyone's interest.

Re: Interesting research

"t is worth mentioning, btw, that current production systems use optic and/or radar "vision", with LIDAR being very much an emergent technology in this application. At least one manufacturer (Tesla) currently has no plans to use LIDAR in their cars."

And radar is surely going to be subject to the same attacks. The "dar" in their names is a clue - it means "direction and ranging" in both cases. Optical sensors are also going to be subject to dazzling, at least in low light levels.

"At least one manufacturer (Tesla) currently has no plans to use LIDAR in their cars."

And Tesla has already been shown to miss a large object in front of it under adverse seeing conditions.

"M25 grinds to a standstill."

In other words it'll be completely ineffective.

Re: So what would you do if you were blinded while driving?

"You'd slow to a stop and pull over to the best of your ability, using your last memory of the road ahead."

Not so easy if it's on a multilane road and is now blind to traffic between itself and the side of the road. If multiple vehicles are being attacked there may already be a stationary vehicle at the side of the road waiting to be hit from behind.

Re: Ego Overload

"Adults swear, and by golly he's fully entitled to use the full length and bredth of the English lexicon to get his points across."

Actually he's made life a bit more difficult for the usual suspects this time. He didn't swear.

"I don't think you understand how libel works"

Imagine this reaching court.

Both sides would set out to prove the truth of their positions. How?

They could call expert witnesses. Who would have to be acknowledged as the leading expert on the Linux kernel?

"The paper isn't really free, it's paid for by the advertising companies. The assumption is that every paper handed out will be read by at least one person, and thus the fee set for the advertising space."

True. But the public (including the accused*) aren't party to the agreements so why should they be bound by them?

*Unless they're running the sort of circulation-boosting scam mentioned elsewhere.

Re: Nothing is 'free'

"'Free' is not the same as 'worthless' or 'without value'. Just how many commentators on here don't realise this is outstanding."

I think you're missing a couple of points here. One is that commentards are free to apply their own evaluations of the said rag and do find it to be worthless other than as a raw material. The other is that if the papers are offered to be taken away free of payment without clearly displayed T&Cs than it becomes difficult to characterise taking away large numbers as theft.

"Apparently it is not allowed to dispose of household waste in a public litter bin."

So why is it legal for marketroids to dispose of non-household waste in my letter box?

"an admonishment not to be seen in front of the courts again"

Preferably delivered to the prosecution.

"It would get really boring if all obvious things had to be written down."

OTOH it's useful to quote what you're replying to, especially with the way threading works in these parts.

Re: Conservative = tech-illiterate ?

Why do especially conservative governments tend to act completely incompetent and/or illiterate with regard to technology in gerneral and encryption in particular?

FTFY. Conservative governments have no monopoly in this respect. We've had plenty of experience with Labour govts. being just as bad whilst paying lip-service to technology (the white heat of this scientific revolution etc).

Re: If it did not have 2FA or certs it was asking to be hacked

"But random sequences of characters?"

That looks like random keyboard mashing than anything computer generated. Look at the pairs of adjacent keys in there.

Re: This is gonna suck.

"Do Not Take Your Computer To Best Buy!"

Similar businesses are available in other countries.