Posts by Shamino 4 publicly visible posts • joined 22 Nov 2014
The interesting question (and probably only Barclays IT department will be able to answer) is whether using Windows 7 on an ATM really is a security risk.
Sure, Windows 7 is no longer supported and can be remotely hacked, but that only matters if the machine is accessible from the Internet. If the ATMs only attach to a private Barclays network that isn't reachable from the outside, then the risk should be minimal.
Crashing the machine with "you need to upgrade" popups doesn't help anybody here.
I've used Ikea's powered desks. They're very nice. I don't like to work from a standing position, but they're great when you want to gather several people around your desk for a quick demonstration of what you're working on. Raise it up to everybody's standing height, give your presentation, then lower it back so you can continue work from your chair.
More expensive than a fixed desk, but still quite affordable.
Congress has passed all kinds of laws like this. Laws against spammers. The "do not call" list. Laws against junk faxes. Lots more.
They pass the law and think they solved the problem, but the laws aren't actually enforced. Law enforcement agencies don't have the time or the manpower or the budget to go after spammers and telemarketers. The spammers and telemarketers aren't deterred because they know they won't be brought to justice.
I too fail to understand why ICMP redirect is ever used these days.
If you go back and read the old RFCs, you will see that the system of ICMP router advertisements and redirect was the first attempt at self-configuring hosts. On bootup, a host would broadcast a request for the best router for reaching a host and would get back (via router advertisement) a gateway address. It would cache this. If the network changes such that the best gateway has changed, then the original gateway would send a redirect message to inform the host, which changes its cache.
It made a lot of sense for a network where there are a lot of different gateway routers and no centralized server for distributing this information.
But the reality today, for most users, is that for any given site, there is exactly one preferred gateway router. Its address is either hard-coded or it is pushed into the host from a DHCP server. If it should change, the hard-coded host is expected to change its configuration and the DHCP host is expected to receive an update from the DHCP server. At no time does ICMP redirect even come into play.
In this day and age, I think it would be perfectly reasonable for all hosts to have ICMP redirection disabled by default. DHCP is more than sufficient for all but the most unusual networks.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
