Posts by Doctor Syntax

Re: Risk Management

"Simple."

The word you're looking for is "simplistic".

As has already been pointed out all unpatched versions of Windows are vulnerable. Patching itself introduces risks - patches have been known to break things and now that MS are rolling multiple patches together those risks are increased. So patching also involves testing and testing takes time.

The specific risk for XP is that it doesn't get patches. But, again, the issues with XP aren't simple. In many cases it will have been retained because something mission-critical depends on it and replacing whatever that is may require major expenditure and further risks. If your MRI scanner, for instance, relies on a no-longer maintained piece of XP-only software do you simply put your hand in your pocket for a few million to replace it, commission a rewrite and take the risk that it may fail in some respect to emulate the existing product or do you keep using XP?

These sorts of issues are not easily solved. Of course they only exist in the real world so please feel free to keep helping with your advice.

Re: worthy of mention

"On stand-alone PC's, ensure you have an adequate AV solution"

The problem with this is that the signature for any new malware won't be available until the target has been released, infected systems and been reported. When something spreads as fast as this has done that will be much too late.

Re: I've done the Linux thing

"he woman at the other end had just tried to tell me Linux runs under Windows."

Well they do have a Ubuntu subsystem in W10 - although I doubt the average scammer would know that.

Re: Ideas for a new game

Final plans for the invasion of India with a special unit to be dedicated to liquidation of phone scammers.

Re: I'm missing out

"Take out service with TalkTalk."

There are limits. Now go and scrub your keyboard with soap and water.

Re: professional scammers

"He/she/it/they said "Hello Mr. Shaw" in perfect English to which I replied in Italian, for the lulz."

I'd have thought linguistic skills ought to be able to earn them a better legitimate income than scamming. Or maybe the scamming's just a sideline.

Re: something or nothing....

"ever tried deleting/moving/modifying a file on a network share that you only have "read" permissions to?"

Those file you only have read permission to - how did they get there? Could it be that someone has to have write permission?

On a more practical, albeit longer term scale alternatives to simple shared folder need to be looked at. As one approach I'm currently setting up Nextcloud at home. I have several alternative ways to share files with a client. One is to use the webdav client to sync a specific desktop folder with the server. That means that even if I had a ransomware program running wild on the client PC it could only (a) affect files on the synced folder and (b) the contents of the folder on the server are versioned so that the last good version can be restored.

Re: Thunderbird users?

"I was using email long before the Internet was set up"

Now that's really going to blow the OP's mind. Email not only without the web but also without the internet. Bang on!

Re: Can someone give me an idea of what sort of money is involved?

"If there are Thunderbird developers still in existence (and I frankly doubt it), they have rejected each and every one of your ideas every hour of every day for years upon years."

Good try at trolling. As they incorporated Lightning (see my previous post) that's at least one of his suggestions that they haven't rejected. What's more their not rejecting it pre-dates his posting it.

On the whole I have some sympathy in their trying to ignore HTML and the like. It's an abomination in email.

Re: Perhaps a Good thing?

"All I would ask, is for some decent native CalDAV implementation. The Calendar plugins always seem a bit "tacked on" and not fully integrated, and sometimes will cock up."

From https://support.mozilla.org/en-US/kb/using-lightning-calendar-add-on

Starting with Thunderbird 38, Lightning is bundled with Thunderbird. This means you don't need to install it separately, but simply confirm to use it once you create a new profile or upgrade from a previous version of Thunderbird.

What's not, AFAIK, built in is Lightbird, an add-on to Lightning which provides a the calendar in its own window with a somewhat different and, to my mind, better interface. Native CalDav would also be useful.

Re: Apart from security fixes - why change Thunderbird ?

"Google Calendar also opens in a separate tab"

I think I can see the problem there.

Re: Apart from security fixes - why change Thunderbird ?

"Calendar improvements."

Make Lightbird a component instead of an add-on.

Re: Pointless interface changes ?

"Android doesn't even seem to know what I'm talking about."

It only seems not to know what you're talking about. But that's another issue.

Re: Pointless interface changes ?

The outcome I'd like to see is one that was discussed back when this was first raised: Thunderbird (and Lightning) joins the Document Foundation (i.e. LibreOffice) and preferably takes the other orphan child, Seamonkey, with it. LO would be able to add a mail client and PIM and, if Seamonkey is included, a browser. The interface could then go back to the old style which would better fit in with LO and maybe there'd be money to add in its own CalDav connector instead of relying on SOGO.

"fewer potential exploit avenues"

Just a few big exploit avenues: Google, Microsoft, Yahoo, your ISP etc.

"and/or points of failure."

The same.

One point about ISP-hosted email: people just assume it's there and always will be. I read of one person who changed ISP and then discovered, too late, that his emails were on someone else's computer because he hadn't downloaded them and because he wasn't a customer his email account was closed so all his old emails were lost.

Re: Cloud just means...

"SLA's around it all"

Do those SLAs actually prevent things from going down?

Do they actually provide compensation for the real costs to the client when they do go down?

Do those trying to fix things when they go down have your, the client's interests as their prime motivation or are they just working to the SLA?

"You do have to wonder if Comey will now be much more likely to spill the beans the next time he's up in front of the committee."

A good question for any committee member cross-examining him: "Mr Comey, would it materially change your views on security of communications to learn that the President ordered your phone to be backdoored and that you were fired because of what was overheard?"

Although it's a speculative question and he'd reckon the premise was almost certainly untrue he couldn't be sure it wasn't so it would immediately get him thinking back recent conversations to see what might be held against him. It would soften up his defences against the next question which would be the real one.

And I'd like to see what being out of office has done to his thoughts about communication security.

Re: TRUMP KNOWS what HE IS DOING

Bob, you've been out-Bobbed.

Re: They should make a deal

"Android autocorrect just suggested poltergeists?"

Android's AI is improving all the time.

"he learned he'd been fired on TV"

I've never been a fan of hanging TVs with rolling news headlines on any available piece of wall. I suppose he's not now. Should have known better than to give a speech standing in front of one

Re: Please stay more on topic

"agenda-driven writers"

The first requirement to write something is to have something to write. Did you write your comment by stringing random words together or did you have an agenda?

Re: Cifas is pushing education as a means to help call centre staff

"Why not just pay them enough to give a monkeys"

Something about peanuts?

Re: Agile doesn't work

"The whole point of Agile is to deliver small amounts of work on a very regular basis"

My experience is that there's a fairly substantial minimum of work that must be delivered to be of any use at all. If your first delivery is, say, a simple order entry screen and a database behind it there's no use anyone entering any data because there's no way of using it because the warehouse needs to be able to get its instructions from the system.

And if the next delivery is to print a despatch note it's still no use. Maybe the third delivery will be a picking list print so it's usable.

Then when the invoicing is added someone realises that the data collected is inadequate. Then go back to the beginning, revise the database and order entry.

A few iterations of this nonsense and you get confronted with an angry DBA who wants to know why you have to keep buggering about with database reorgs and can't you get a simple thing like designing a database right the first time.

"The projects I have been a part of that did use Agile were all about delivering working software first and foremost."

At which the users gaze in desperation because there's no documentation on how to use it.

And the developers successor s throw it away and write something that they hope does the same thing because there's no documentation for them either.

Re: Agile doesn't work

"trickle from the meltwater that is management"

That trickle from management - I don't think it's meltwater.

Re: Sales and Marketing reality distortion field

they will charge me 5£ extra a month for two years for a 320£ phone.

They might think "hey, we are retaining him", but they are just throwing good money away.

How much do you think they're paying for the phone from the manufacturer?

How much does that phone enable them to charge you for all the data the smartness consumes?